Open Letter to Vendors who operated on seized marketplaces

https://www.deepdotweb.com/2017/01/20/three-silk-road-vendors-convicted-for-online-drug-distribution/

This article inspired me to write this. Basically, they sold from 2012-13 but weren't arrested until last year. Also the fact that LE potentially looked at EVERY PM ON AB AND IS GOING THROUGH THEM AS WE SPEAK.

Now, I'm not trying to scare you, but you should be scared if you had any vulnerabilities here. I just want you all to take a good look back and think about any slip-ups. This is all built on the assumption that all seized marketplaces are being analyzed on a daily basis. (I forget if Evo or Sheep were seized or just exit-scammed.)

The DEA is still going through all messages and transactions on SR1, as we all know. I'm just going to list a few things to be worried about. Please feel free to comment with corrections; I'm sure I am off on a number of things.

  1. Unencrypted tracking. Combined with mail covers, this can easily provide a database of potentially ALL sent packs, and if a pack was scanned at a PO there could be video footage of the sender.

  2. Cashout methods. Countercrime blockchain analysis technology is far more advanced than in 2012, when everyone thought a simple tumble was all that's needed. Even if you properly washed coins and then used an exchange with your real identity, they would see that you have done a lot of business in Bitcoin if you're already a suspect.

  3. I'd assume a handful of vendors already had their prints and DNA in the system from a prior conviction. I doubt this matters if you don't vend anymore; if they were investigating you and found fingerprints you'd probably have known by now, but then again, they could have saved every pack.

  4. EXIF data. GPS locations are in the photos of 229(?) Agora vendors. I assume even more were on SR. Correlating this with tracking, prints, and BTC/bank history sounds like good reason to start an investigation.

  5. More correlating things: self-service kiosks, bank statements showing payments for supplies, online order history.

  6. Correlating old tracking checks with IP addresses.

  7. The fact that 16 government agencies now have access to all of the NSA's data, legally, with no parallel construction necessary.

  8. Biometrics, facial recognition, and all that stuff generally blown out of proportion by meth heads.

  9. Everything you type under your vendor name, on any forum or sub. Your bio, past messages, and everything you post on reddit can and will be analyzed to find patterns in your grammar and word choice. Nothing holds a candle to drug illegality when it comes to making the government money, people; each vendor arrested will most likely have at least 6 figures. That's enough to give them the budget they need to make all of this happen.

Now what to do with all this information? You can't time travel. Well, for starters, know the consequences. All first-offender federal trafficking charges have a 5-10 year minimum (depending on the drug). Also, there is a 5 year statute of limitations. This doesn't mean you can just camp out in Russia, though; you have to be in good standing, living in the USA.

I get the impression SR gave a lot of people a feeling of invincibility. Some thought PGP and Tor were all you needed, that BTC was fully anonymous, and I don't need to explain what we all learned over the last few years. So are all vendors ticking time bombs? Potentially. Do I know what you can do to protect yourself? Absolutely not, but I encourage everyone reading this to chime in with ideas. Honestly, I think the only way to be positive would be to walk into Mexico and fly to a non-extraditing country.


Comments


[20 Points] TheLaundromat:

Here's a part 2 for new/future vendors:

  1. If you can't encrypt tracking, use privnote, sms4tor or temp.pm.

  2. Never have your name associated with any bitcoin or exchange. Every vendor has their own secret cashout method; get creative. (hint: you can use fullz without fucking someone's credit)

  3. Use gloves, switch up packaging, residential return addresses, make packs look as good as amazon orders, never cut corners. Assume EVERY pack is going to LE.

  4. Scrub EXIF.

  5. If you need to buy supplies online, don't use your personal info.

  6. Never check tracking unless it's absolutely necessary.

  7. If you need to communicate on your phone use encrypted messaging apps.

  8. Wigs and thick glasses may be a little over the top but they wont hurt.

  9. Don't have the same vendor name you did on past markets if you had a lot of sales, especially Schedule I vendors. Tons of good feedback is now a double-edged sword.

  10. If you need to ask the community a question, make a throwaway; it could show a vulnerability. Vendors asking questions looks unprofessional anyway.

  11. Don't talk about business over reddit PMs. That can be subpoenaed.


[4 Points] RIP_NBOMB_9000:

Good write-up. After another AB shitshow and a huge bust, it makes us think about good OPSEC.

I think it's also important to stress that even as a buyer things aren't the way they were even a few months ago. Tumbling is in my opinion absolutely mandatory, and bitcoins have to be purchased as anonymously as possible. Gone are the days when you could just send coins from Circle to another clear wallet to the DN. If you have no reason to keep using the same logins/PGP, you should start fresh every few months, even with accounts on reddit. There's no reason to make your name into a brand if you're just a buyer/shitposter. ALWAYS ALWAYS ALWAYS use PGP for sensitive info, or really anything on the DN imo; NEVER trust some shitty market's shitty encryption. Ordering to a personal address isn't as safe as it used to be, but if you use common sense and buy less than LE would be arsed to do a CD for, it should be fine; anonymous drops are ideal, and there are plenty of good guides on how to set them up. Overall the actual amount, quality, variety and (generally) price of drugs on the net is better than ever, but it's a lot more important to have some common fucking sense.


[4 Points] caliking321:

This is why I was pissed vendors were sending tracking through private messages unencrypted!!! I've known for a while LE has access to messages; I even made a post about it. If any of your vendors have done that, you should consider your drop and name KNOWN about at the very least. Also, in my opinion, I think the people who buy small amounts from multiple vendors should be more worried. You're more likely to give out address and information to a busted or untrustworthy vendor. AB needs to start auto-encryption on messages, and the fact they haven't rushed to do that REALLY worries me. I have never sent private info unencrypted, but I have talked about reselling and resell value with vendors, which worries me because they will go after buyers they know resell rather than the kid who bought a couple of tabs. Whoever brought this information out, you're a damn saint! The only way we can help each other is talking about it.


[2 Points] None:

Good post. Great reminders for everyone.


[1 Points] gettinouttathegame:

They only accessed messages 30 days or less not all of them...correct?


[1 Points] Dankness109:

heh. The eastern dude had 911 fans.


[1 Points] alpplz:

Scary shit, for real.


[1 Points] None:

I had a vendor PM me my tracking with no encryption a couple of weeks back. Like, what the fuck, man.


[1 Points] None:

[deleted]


[1 Points] UnBlockMePLZ:

IMO there are only a few vendors, who operate 'true OPSEC' which no one here knows about, because we (vendors) dont come on here and just answer questions for whatever reason. MOST top Vendors, are far to occupied with the order logs, marinating evasive outgoing, resolving disputes, extracting and cleaning coins, cashing those coins into fiat, securing drop sites, etc... Vendors who have been staying ahead or on top of the ball make shifts in their operations even before things are go into action and more importantly have an EXIT plan. In the hypothetical situation that they are going to get busted friends and family have explicit instruction on the course of action (were money may be hidden to bail out, safe houses to use as pass throughs, fresh set of Identity docs, and some reasonable way to leave the country and a place awaiting their arrival in the event such is to happen. Fuck if I am sitting inside a cell rotting, over a 'war on drugs' NO WAY. I'd rather live on the run than live in a cell, and almost any vendor who has a strong footing probably feels the same way. So I would advise New Vendors, to pre-plan you events and save the funds and secure a strategy and build on it as you grow. Always send a little money aside for 'Bail' give it to a friend and tell them what its for. Tell a family member where it is, if you have friends across the country be sure to have their current contact info where you have kept the bail $. You'll need it once you bail out. If you have a GPS tracker on your going to need to make a dash for it and lose the GPS at the outside perimeter. (wire cutters will snap that shit clear off your ankle) Get ready to change cars once you do that. Make your way ACROSS STATE LINES to the first safe house. Only stay for 2/3 days while you arrange the rest of your affairs, don't stop moving or you could put a loved one in your cross hairs. 
Once you make it to the last stop Be sure to have either had Identity Docs secured there in transit or prior. Your going to need to travel light so be sure to have a reserve of $$ so you can start a new life. Litterally. BUY YOUR TICKET AT THE COUNTER! Don't buy it on expedia or whatever. Its going to cost you a shit load more at the counter, but at that point your likely going to be leaving successfully. Also It would be wise to ditch you US Passport waaay ahead of time. They have RFID chips inside them, and can be tracked. DONT USE ANY ELECTRONICS that are not Freshly acquired and DONT link them to your real identity until your out of the country. Sorry you Gmail is going to need to wait for a couple weeks while you save what is left of your life.


[1 Points] MitalikaSucks:

Biometrics, facial recognition, and all that stuff generally blown out of proportion by meth heads.

This


[1 Points] None:

I'm not gonna be popular for saying this, but I think you are way overestimating how much law enforcement is gonna investigate. They're gonna dust seized packs for prints, then search the local fingerprint database for wherever the return address is, really? Doing this for just one pack would take a huge amount of resources, let alone every pack. They might look out for reused monikers or aliases on different sites, but analyzing grammar and spelling? Highly doubt it. And that's not damning evidence; at best it is just more LE resources spent to investigate this person more because he said this phrase or used that username.

Each vendor will have at least six figures

This was the point where I realized you really don't know what you are talking about. Never used Silkroad, but the most expensive vendor bond is AlphaBay's, and it's $250, right? You think everyone who paid that much is gonna have hundreds of thousands lying around? Highly fuckin' doubt it. Most drug dealers spend most of their cash re-upping, which applies to DNMs and bitcoin ten times more, since it's a lot easier to buy more drugs with bitcoins than to buy a fancy car or house.

I will admit, some of the things you mentioned scared me, like Agora and SR saving GPS data for photos. I can't even believe they would overlook that. This is why I like Dream even though everyone bitches about it: it's not too big, where it would be a main focus of LE, and it seems to be pretty secure, but it's still got enough variety to be enough.

I know that you are just looking out and trying to help people; I'm just trying to balance this with a little bit of realism.


[1 Points] southside45:

I understand the paranoia, but I think everyone overestimates the reach of LE with certain things. All these things you guys are talking about can be so easily overcome, even if you keep the same info after SR. Update your PGP, don't buy with anything related to your vendor ID, just change packing locations, have multiple drops and don't be greedy. The bigger danger is on the buy side, because you get exposed on the pickup end. But typically LE can't get caught up wasting time on small amounts. Everybody has to chill; there are lots of really great vendors around since SR and they know what they are doing. Buyers, pay more attention to your OPSEC because you are more vulnerable.


[1 Points] Deku-shrub:

Also the fact LE potentially looked at EVERY PM ON AB AND IS GOING THROUGH THEM AS WE SPEAK.

/u/alphabaysupport PM'd me following my article, saying the following:

The web logs show that it wasn't exploited until 4 days ago. The attacker then started dumping messages, and once he announced it, we paid him and immediately closed the loop.

They should have announced that they had searched for evidence of a previous breach but didn't find any. They neglected to do this in the breach announcement, which was an oversight IMO.