AlphaBay seller Owlcity arrested due to checking USPS.com tracking numbers

Courtesy of DDW, "DEA: South Florida 'dark web' dealer sold deadly heroin from China" announced the arrest of 'Owlcity', an AlphaBay seller of fentanyl, alpha-PVP, MDMA, cocaine, Xanax. The article incorrectly gives the arrest reason and sounds totally bizarre (he sent them the post office address...?), but when I looked up the complaint, the complaint reveals what actually happened - after several undercover buys had localized Owlcity to South Florida, they made another order and:

On February 26, 2016, DEA agents received information from the U.S. Postal Service (USPS) that the tracking status of the Priority Mail package that OWLCITY sent to complete the October 23, 2015 heroin order was queried online on the U.S. Postal Service website from an IP address assigned by AT&T to an account associated with the Leslie Residence.

They began in-person surveillance of Leslie, watched him drive to the post office with additional orders & intercepted the packages, ISP monitoring of Tor activity, correlation of Owlcity inactivity with computer repair, and finally a raid 27 July 2016.


Comments


[68 Points] fu_onion:

obvious opsec pro-tip: Don't use either TOR or your real IP (VPN dude!) to check tracking numbers. One's a red flag that the package might be interesting to LE; the other is a simple bust.


[30 Points] None:

[removed]


[18 Points] CertifiedCrypto:

Holy shit! That is a familiar name on this sub.. Now we know where all the missing packs went :/


[9 Points] TheLastCig:

Hollyyyyyyy fuck ok so I finally get my alprazolam in me for the evening after being anxious all day long right. Then I go check the DNM sub like every other night and fuck fuck fuck my OPSEC has been all wrong for YEARS AHHHHHHHHHHHHH wheres my 4mg bars at 2mg ain't enough for all this dark net crazinesssss

edit: Thank you though. In all seriousness.


[6 Points] chepnut:

I would think it's much safer to check your tracking numbers from a place like mcd's or Starbucks. I have always thought that checking your package on a government website would not be the wisest thing to do from your home


[3 Points] lovelylittlegangster:

We see it time and time again! Using an unprotected connection to do anything shady will land you in hot water. Kickass torrents got screwed the same way (logging in to their Facebook).

All vendors should be using a hardware level VPN connection. Something that's always on. Something they specifically need to dig into router settings and disable. Even running a VPN connection on your desktop isn't good enough because it only takes you forgetting one time to give up your location.

A basic DD-WRT capable router costs as much as 1g of weed. No excuses to be checking USPS tracking with a naked connection.


[3 Points] brightmoor:

Thanks for following up on this gwern. I was baffled by some of the info in the original article (the stuff you mentioned) so it's nice to find out what actually happened.


[2 Points] noonehear:

Seems like the DEA is having some luck with busting fentanyl dealers / vendors.

If coke and heroin is a speedball then what do you call a fentanyl and a-PVP combo?


[2 Points] BilboSwagginzzz:

Such a shame, he had very good m


[2 Points] Vendor_BBMC:

This is only a problem if you're a vendor, you plonkers

They don't need YOUR IP address to find out where YOU live, you idiots. It's written on the package, and the tracking. You can check your own order's tracking. That's what it's for. Checking the tracking isn't inherently suspicious. They already know that it's a tracked package, and it's headed to your house. You're not giving any secrets away.

You're not the sharpest tools in the box, are you? I feel like I'm having to explain "letters" to a bunch of chimps.

If you're a vendor and the customer wants to track the pack, just give them the tracking number and let THEM do it. In case they're cops trying to trick you as in this case.


[2 Points] garchmodel:

damn


[1 Points] XannyManziel:

damn that's a long ass investigation


[1 Points] jjcooli0h:

This is connected to that pipeline investigation

 China → North Dakota → Oregon → South Florida

 

I'd bet money on it.

OP knows what I'm talking about.


[1 Points] vistopher:

What brought attention to him in the first place? Why was the DEA ordering from him?


[1 Points] None:

Maybe it is just me but this is the second bust recently where it is clear the DEA/HSI is using AB daily. Be careful.

Also they claim he was part of a "conspiracy with AB administrators unknown". Hopefully I am wrong but it appears he will be charged with the AB conspiracy.

Also find it interesting all the AB detail they go into. Also Deepdot. For all we know they are monitoring all traffic to/from deepdot.


[1 Points] jack19056:

Use a cafe nearby to check tracking, works for me. Of course spoof your mac address, don't open your standard social media or default browser, use an incognito window.


[1 Points] AHStephen:

This guy is beyond stupid. I just checked his feedback the guy was selling schedule 1 shit 85% of the listings sold for 30-40 bucks.... Lucky if he made 10 Gs... Unreal


[1 Points] None:

[deleted]


[1 Points] PoopooplatterTeehee:

with this talk about USPS tracking and stuff.. how does this affect packages for buyers who rely on myusps to get tracking? I honestly don't go through the trouble of tails + vpn to check myusps packages


[0 Points] belizeisnotforme:

Thanks /u/gwern amazing as always!


[-3 Points] None:

[deleted]


[-5 Points] None:

[deleted]