If You’re Going to Run an Illegal Business Don’t Hire a Fed

The big news floating around the darknet community is that the Federal Bureau of Investigation (FBI) managed to shut down Silk Road 2.0. When the news first broke there was a lot of speculation about how the FBI managed to do this. Many people theorized that the FBI had managed to break Tor’s hidden service functionality in such a way that it could identify the location of servers. As it turns out, the FBI’s method was much more mundane:

The complaint describes how federal agents infiltrated Silk Road 2.0 from the very start, after an undercover agent working for Homeland Security investigators managed to infiltrate the support staff involved in the administration of the Silk Road 2.0 website.

“On or about October 7, 2013, the HSI-UC [the Homeland Security Investigations undercover agent] was invited to join a newly created discussion forum on the Tor network, concerning the potential creation of a replacement for the Silk Road 1.0 website,” the complaint recounts. “The next day, on or about October 8, 2013, the persons operating the forum gave the HSI‐UC moderator privileges, enabling the HSI‐UC to access areas of the forum available only to forum staff. The forum would later become the discussion forum associated with the Silk Road 2.0 website.”

The complaint also explains how the feds located and copied data from the Silk Road 2.0 servers. “In May 2014, the FBI identified a server located in a foreign country that was believed to be hosting the Silk Road 2.0 website at the time. On or about May 30, 2014, law enforcement personnel from that country imaged the Silk Road 2.0 Server and conducted a forensic analysis of it. Based on posts made to the SR2 Forum, complaining of service outages at the time the imaging was conducted, I know that once the Silk Road 2.0 server was taken offline for imaging, the Silk Road 2.0 website went offline as well, thus confirming that the server was used to host the Silk Road 2.0 website.”

The FBI didn’t utilize anything fancy; it relied on old-fashioned investigative work. First it placed an undercover agent on the Silk Road 2.0 staff, then it obtained the cooperation of foreign law enforcers to image the server, and finally it checked whether user complaints of downtime on the forum lined up with the time the server was taken offline for imaging.

The takeaway from this is that keeping a hidden service truly hidden is difficult, especially when your adversary has the resources of government law enforcers on its side. That doesn’t mean it’s impossible but you have to know exactly what you’re doing.

As an agorist I’m a huge fan of “black” market businesses so long as they don’t involve initiating force against people. Silk Road was a great business that not only managed to siphon funds away from the state and render its drug prohibition irrelevant, but it also made the drug trade safer by separating customers from sellers with a nice barrier of anonymity. While Silk Road 2.0 shutting down is rather sad, it’s not the end of the world since another hidden service will rise to replace it. Hopefully the new online drug market will learn lessons from this case and make itself even more difficult to shut down.