Indictment: https://assets.documentcloud.org/documents/2852008/Farrell-Sentence.pdf
Excerpts:
In July 2014, Seattle agents received a lead that a particular IP address had accessed the vendor portion of SR2.
According to Comcast records, the IP address resolved to Farrell's address.
I am wondering if anyone here has clues as to how LE came across his home IP address if he was using TOR Browser Bundle to access the vendor portion? Something doesn't add up.
Was SR2 an LE honeypot? Or was he de-anonymized by another operation?
Or was SR2 leaking IP? Even if it leaked IP, it would have leaked the server IP and not his home IP. It is very strange that LE would find out his IP if he was using basic precautions such as TOR/Tails.
Any ideas about this little incident?
If LE is able to obtain the IP address of a normal person accessing a darknet market via TOR, what is stopping them from obtaining the IP address of all users of DNMs?
ITGWRC the SR2 vendor URL was a honeypot and SR2 was compromised from its inception. (Among the founding members "Cirrus" was an FBI agent at least and there may have been others).
It appears getting the IP addresses from the vendor URL was reasonably time and labor-intensive: sorting out everybody's IP address would be a whole lot of work to find people who bought grams of weed etc.