On Thursday international law enforcement agencies including the FBI, the Department of Homeland Security and Europol took down the Silk Road 2 and arrested its alleged operator 26-year-old Blake Benthall in San Francisco, as part of a joint operation dubbed “Onymous.” In total Operation Onymous arrested 17 people in as many countries and seized 414 .onion domains for at least 28 dark market sites.
Benthall, who is accused of running the new Silk Road under the handle “Defcon,” has been charged with narcotics trafficking, as well as conspiracy charges related to money laundering, computer hacking, and trafficking in fraudulent identification documents. The criminal complaint against him alleges that the Silk Road 2 sold hundreds of kilograms of drugs of every description to hundreds of thousands of buyers around the world, with bitcoin-based sales of more than $8 million per month at the time of its seizure.
In its public legal complaint against Benthall, the FBI says it made use of an undercover Department of Homeland Security Investigations agent, referred to in the document as “HSI-UC,” who successfully infiltrated the second Silk Road’s inner circle, giving him or her incredible access to its inner workings.
The undercover agent was in on it from before the site even started, according to law enforcement claims. On Oct. 7, 2013, the agent made his or her way in a Deep Web forum devoted to creating a replacement for the first Silk Road site, which was shut down in a similar bust last year. The next day, that agent became a moderator. That forum ended up becoming the official one for the new Silk Road, giving the government ground-floor access to its operations.
Over the coming months, the undercover agent testified, Defcon oversaw the site’s major moves, including changing servers, upgrading Bitcoin payment platforms, and setting the commission rates that the Silk Road took in. When the second Silk Road was hacked for a massive loss in September, Defcon confided to the undercover agent that he would pay 1,000 BTC ($345,000) of his own money to get the site running again as soon as possible. Defcon was also in charge of paying the staff, and directly paid the undercover agent a salary of the equivalent of about $42,000 in bitcoins.
There is one hole–possibly deliberate–in the FBI’s recounting of what happened. The agency reports that in May, it identified a foreign server, commissioned someone to conduct a forensic analysis of it, and found that indeed was the basis of Silk Road 2.0’s operations. But it neglects to say how it identified that particular server, or what legal basis it used to search it, though it’s possible the agent found the server through his or her administrative privileges.
The sheer number of Tor-hosted sites affected by the takedown raises questions about whether law enforcement officials may have found new vulnerabilities in Tor’s well-tested anonymity shield.
Asked how Operation Onymous located the sites, Europol’s Oerting was unapologetically secretive. “This is something we want to keep for ourselves,” he said. “The way we do this, we can’t share with the whole world, because we want to do it again and again and again.”
There is significant controversy over how the agency found the first Silk Road’s servers. The FBI discovered them located in Iceland, and claimed that their location were made public because Ulbricht didn’t properly conceal the site in Tor. But recent reports show that the National Security Agency (NSA) sometimes engages in “parellel reconstruction“—using its considerable technological power to find alleged criminality outside its jurisdiction, without a warrant, and then tips its findings to a relevant law enforcement agency, trusting them to find evidence once they already know their suspect. Some critics have argued out that the first Silk Road’s “mistake” was too glaring, and suspect Ulbricht was actually illegally nabbed through parellel reconstruction.
Once the FBI had that server, though, it was all over. The FBI noticed it regularly sent customer service emails to a particular Gmail address. The agency then subpoenaed Google for that user’s account. They found it was both registered to “Blake Benthall” and its owner identified himself by that name in multiple emails. Google also gave up that user’s IP address, which the FBI found matched one with administrative access to the Silk Road server. Moreover, the agency noticed, for a short while in April, that server was accessed by an IP address tied to a hotel in Las Vegas. Guest records showed Benthal stayed there during those days. This incident repeated itself in Lake Tahoe in June.
In September, the feds moved in. FBI agents followed Benthall on a trip to see family in Houston, Texas, posted up outside his house, and corroborated with the undercover agent that Defcon was active when Benthall was inside his family’s house, and silent when he was gone. The FBI acquired a Pen register from a court, which allows them to monitor a home’s Internet use, and noted that Benthall used Tor when Defcon was active.
The complaint also traces Benthall’s proceeds from his alleged management of the Silk Road 2’s bustling sales. Law enforcement officials found that he used a bitcoin exchange to cash out $273,626 between Silk Road 2’s creation in November of last year and October of this year. About $70,000 of that money went towards a down payment on a $127,000 Tesla Model S.
Benthall is accused of taking control of the Silk Road in December of last year, one month after it was created to replace the original Silk Road after the site’s October 2013 bust by the FBI. The Silk Road 2, like its predecessor, was initially run by a pseudonymous figure known as the Dread Pirate Roberts. But after the arrest of three alleged Silk Road 2 staffers who were also accused of working for the original Silk Road, the Dread Pirate Roberts disappeared, allegedly leaving Silk Road two in Benthall’s control.
“It has been over 24 hours since we last heard from our captain,” Benthall is accused of writing under his Defcon handle on December 22nd of last year. “As his second in command, I have very clear instructions as to what to do in this worst case scenario…I cannot elaborate on specifics, but the marketplace is safe in my hands until the Captain returns or his successor appears.”
Before his disappearance, Silk Road 2’s Dread Pirate Roberts declared that he had created a plan to relaunch the site in minutes in case of a law enforcement bust. The site’s code, he said, had been backed up to 500 locations in 17 countries. “If I go down, people publish their part of the puzzle and it is trivial to unlock the backups,” he wrote at the time. “Hydra effect on a massive scale.”
But the Feds’ latest seizure has also included the Silk Road 2’s forum site, which administrators, vendors and buyers used for communication and coordination. That disruption could make it far more difficult for both the site’s staff and its users to regroup and launch a “Silk Road 3.”
Intriguingly, Benthall, who could face life in prison if convicted on charges including conspiracy to commit narcotics trafficking, shares various similarities to Ulbricht, the alleged creator of the first Silk Road. Like Ulbricht, Benthall hails from Texas and was arrested while living and working in San Francisco. One neighbor at Benthall’s residence in the city’s Mission district said that FBI agents were in the backyard of the residence last night and had cordoned off part of the street.
According to his various social networking pages, Benthall came to San Francisco for work around 2009 after attending Florida College, a private Christian school in Temple Terrace, Florida. His LinkedIn page notes that he worked for various Bay Area tech firms in engineering positions, typically staying a few months at each job. Most recently, he worked at a web and mobile development company Carbon Five and spent six months as a flight software engineer for Space Exploration (SpaceX) Technologies in Los Angeles.
Benthall most recently worked for himself at Codespike, a technology incubator he ran out of his San Francisco home, according to business records. He called himself a “Bitcoin dreamer” on his Twitter page and left a wide digital footprint online.
More about Blake Benthall here.
In his first court appearance since being arrested, Silk Road 2.0 suspect Blake Benthall appeared before a federal judge on Thursday. He was not in handcuffs or shackles; the accused wore street clothes, including a gray hoodie that read “INTERNET BETTER” across the back.
During the brief hearing, Benthall did not speak other than to say that he is the named suspect and to confirm his age as 26.
As Benthall has not been given a formal indictment, he did not enter a plea.
The hearing lasted around 15 minutes, resulting in Judge Jacqueline Scott Conley’s decision to allow a custody hearing on Friday before Benthall’s likely transfer to New York, where the federal complaint originated.
In court, federal prosecutor Kathryn Haun said that Benthall was likely to flee and should not be released. “He was found with over $100,000 in cash at home,” Haun told the court. “He has a passport. We’re not aware of whether that was secured. In addition to all of the detail, Mr. Benthall did admit to everything after receiving his Miranda rights—that he was the administrator of Silk Road 2.0. Our principle basis is flight risk at this point.”
Benthall will be interviewed by federal investigators as part of “pretrial services” on Thursday and will likely be held in custody in Oakland. He is due to appear in court in San Francisco again on Friday.
The man accused of operating a major online drug marketplace will not have his bail hearing in San Francisco after all.
Blake Benthall, the San Francisco man accused of operating a Dark Net marketplace for illegal drugs called Silk Road 2.0, was transported on Friday to New York, where he is expected to face narcotics trafficking, hacking, and money laundering charges.
U.S. Magistrate Judge Jacqueline Scott Corley ordered on Thursday that Benthall be transported to the Southern District of New York and that bail be determined on his arrival. Corley had initially been expected to determine whether or not Benthall would be awarded bail on Friday morning.
U.S. Marshals deputy Joe Palmer confirmed to the Daily Dot that Benthall is in the transfer process. He would not say whether he is in transit or has already arrived in New York.
Crises spawn opportunists, and the collapse of Silk Road 2.0 is no exception. Mere hours after the news broke that Blake Benthall had been arrested on suspicion of operating the Dark Net drug marketplace, a new pretender was already in place—Silk Road 3 Reloaded.
The major difference between Silk Road 2.0 and this “reloaded” iteration is that while 2.0 was specifically established in response to the original Silk Road’s closure, Silk Road 3 Reloaded actually predates the FBI raid on Benthall.
This is because the site hasn’t always been called Silk Road 3 Reloaded. Before news broke of 2.0’s shuttering, the website went by a different name: Diabolus Market.
While the name change is clearly intended to ride the crest of interest sparked by the raids, Diabolus Market began with humbler intentions. Launched just under a month ago, Diabolus billed itself as a “cannabis only” marketplace, a “peaceful, simple and professionally run service with an expert development team.”
The individual promoting Diabolus market on Reddit told the Daily Dot that the name change wasn’t an act of opportunism, but that the marketplace is actively working with a member of the team from Silk Road 2.0. “A senior figure who I have verified reached out to me about hosting the next SR iteration,” they claim. “He/she is using my code and servers but is operating SR3.0 themselves. I don’t have anything more to say.”
But even if 3.0 turns into 4.0 turns into 5.0, Silk Road and its ilk aren’t the future of deep web contraband. More likely, the latest bust will only buoy a new wave of decentralized markets.
I talked to Carlos Lopez (a pseudonym, naturally), a prominent darknet vendor, about what the future of darknet drug deals looks like after the raid. “For any site nowadays longevity is vital, and for me as a vendor thinking long-term, and for me to take it seriously, it would need to be decentralized,” he told me over encrypted email.
Peer-to-peer markets will not have a “Dread Pirate Roberts” at the helm. Without a figurehead/operator to arrest and a main datacenter, it would be far more difficult for law enforcement to seize a decentralized dark market. Using this model, people could create any number of different markets, and law enforcement would have to cast a far wider net to arrest vendors and buyers instead of going after admin. (And that will probably happen, but it will declaw any drug bust PR.)
“The revolution that DPR (alleged Ross Albricht) started is continuing unabated, even though the mantel will probably be taken up by another entity,” said Lopez.
There is already one decentralized market gaining support after this raid, called OpenBazaar. It’s not meant to be a hub of drug sales; it’s meant to be an eBay rival. OpenBazaar wants to work for all peer-to-peer commerce, and while markets like Silk Road and Evolution focused on illegal product sales, OpenBazaar does not. That doesn’t mean that people can’t use it to sell drugs, though. They very much could. And when they do, it will be harder for law enforcement to arrest a figurehead, because there won’t be one.
OpenBazaar isn’t ready for secure transactions yet, and it’s still in beta. But it has a savvy team of volunteer developers prepping it, including Google software engineer Dionysis Zindros. It could represent an interesting development for peer-to-peer transactions of all types, but since the darknet’s drug community is currently without a secure home, it could also turn into a safer option for former Silk Road vendors and buyers.