Ways Law Enforcement Busts Dark Web User

VictorBands98

Established Contributor
Regular Member
Joined
Apr 11, 2022
Threads
20
Post Replies
158
Status
online
Last seen
Users of the dark web are protected by a veil of technological anonymity. This has given majority of the users a sense of security and belief that they are beyond the reach of law enforcement officer. This has been proven to be wrong in a large number of instances where users have been busted by these officers.
The Postal System

Even after the sophisticated technology to guarantee users anonymity, the dark web market vendors depend on the postal system or ordinary couriers to deliver their products such as drugs.


Even after taking a lot of care to ensure that the products are not seized by the custom authorities, law enforcement officers may investigate where the package is being sent to or where it is being sent from.
In other cases the post offices provide a good surveillance opportunity for the Feds.


A perfect example is of Chukwuemeka Okparaeke who was a Fentanyl dealer in the Alphabay dark web marketplace. According to a filing by the US department of Justice (DOJ), Okparaeke was seen at several post offices in Midtown New York. He was also fond of buying priority delivery stamps in bulk and to add to all this, the postal staff had viewed his driving license. His biggest mistake however was depositing large numbers of packages at US post offices while wearing latex gloves. This caught attention of the postal staff.


Law enforcement was already interested in that area as a source of fentanyl analogs and as such an approach by a postal inspector was seriously taken. The officers placed an order with fentmaster at Alphabay and were able to arrest Okparaeke after successfully being able to tie him to the fentanyl he sent them.


On his arrest his phone was found to have the private internet access VPN app, Orbot TOR proxy app and a bitcoin app. He also had not cleared his browsing history and was thus easily tied to the drug dealing activities.
Delivery of products through the post office continues to pose a big challenge for a majority of vendors in the dark web markets.
Digging Through Seized Data

An arrest of a vendor or seizure of a marketplace can provide a large amount of data in which investigators find leads they then can use to bust other dark web users.


Through Operation onymous, which was an international law enforcement operation targeting dark web markets and other services operating on the TOR network, marketplaces such as Silk Road 2.0, Hydra and Cloud 9 were seized and shut down.


The operation provided information that led to up to 17 arrests in different countries. One of the arrests made during the operation was of a Durham couple who were operating as cannabis shop on Silk Road 2.0.
Users of the dark web markets may leave digital footprints in open forums or public documents that eventually disclose their identities to investigators.
Ross Ulbricht the creator of the original Silk Road marketplace had his identity revealed by a special agent with the Criminal investigation Unit of the Internal Revenue Service (IRS) Gary Alford, who after googling the onion address of Silk Road on the normal internet, found an advertisement made by Ulbricht on a famous bitcoin forum bitcoin.org under the username altoid in a bid to attract more customers onto the Silk Road. A post from several months later on the same forum showed the personal email of Ulbricht in the text of the post, a later search on his email confirmed that he had set up an account on bitcoin.org under his personal email address.


Availability of his personal information highly contributed to his arrest and conviction resulting in a life sentence without parole.
A simple google search took down Ross Ulbricht who was a major player in the development of all dark web markets.
Undercover Operations

Due to availability of tools that provide users with anonymity, it is impossible to really know who is at the other end of a conversation. Law enforcement have taken advantage of these anonymity tools and posed as vendors, buyers or even administrators of marketplaces without the knowledge of other users. This has enabled them to bring down marketplaces while also busting the administrators, vendors and buyers.


Dutch Law enforcement took control of Hansa on June 20 this year after arresting two of its administrators in Germany. They secretly ran the site while monitoring activities of the users. They were able to obtain addresses and identities of a majority of the users.


The undercover operation led to arrest of a number of Hansa users. In the Netherlands the law enforcement arrested a 28 years old man for allegedly selling cannabis both domestically and internationally through the Hansa site using Quality weeds as his vendor name.


Other arrests attributed to the undercover operation by the Dutch authorities at Hansa has been made in other countries such as Australia by the Australian Federal Police (AFP).
Hacking

Authorities have tried to circumvent TOR by attacking the endpoint which is usually the computers being used by the individuals visiting the dark web sites. Hacking could be the most effective way of identifying users since once it is successful, a large number of computers can be unmasked and the IP addresses of the users can be disclosed.
Back in February 2015, the FBI seized a dark web child pornography site Playpen in an operation called Operation pacifier and ran the site from a government facility in Virginia for two weeks. During this time the agency deployed a hacking tool they called Network Investigative Technique (NIT). The tool was used to expose IP addresses of those accessing the site on the assumption that they were either trying to distribute or access child pornography.


Using the NIT the FBI were able to obtain over a thousand users of playpen users based in the US.
The hacking operation resulted into arrests of more than 135 people in 18 states in the US over child pornography cases.
 

StormOneOnly

Established Contributor
Regular Member
Joined
Jun 5, 2022
Threads
13
Post Replies
163
Status
away
Last seen
Users of the dark web are protected by a veil of technological anonymity. This has given majority of the users a sense of security and belief that they are beyond the reach of law enforcement officer. This has been proven to be wrong in a large number of instances where users have been busted by these officers.
The Postal System

Even after the sophisticated technology to guarantee users anonymity, the dark web market vendors depend on the postal system or ordinary couriers to deliver their products such as drugs.


Even after taking a lot of care to ensure that the products are not seized by the custom authorities, law enforcement officers may investigate where the package is being sent to or where it is being sent from.
In other cases the post offices provide a good surveillance opportunity for the Feds.


A perfect example is of Chukwuemeka Okparaeke who was a Fentanyl dealer in the Alphabay dark web marketplace. According to a filing by the US department of Justice (DOJ), Okparaeke was seen at several post offices in Midtown New York. He was also fond of buying priority delivery stamps in bulk and to add to all this, the postal staff had viewed his driving license. His biggest mistake however was depositing large numbers of packages at US post offices while wearing latex gloves. This caught attention of the postal staff.


Law enforcement was already interested in that area as a source of fentanyl analogs and as such an approach by a postal inspector was seriously taken. The officers placed an order with fentmaster at Alphabay and were able to arrest Okparaeke after successfully being able to tie him to the fentanyl he sent them.


On his arrest his phone was found to have the private internet access VPN app, Orbot TOR proxy app and a bitcoin app. He also had not cleared his browsing history and was thus easily tied to the drug dealing activities.
Delivery of products through the post office continues to pose a big challenge for a majority of vendors in the dark web markets.
Digging Through Seized Data

An arrest of a vendor or seizure of a marketplace can provide a large amount of data in which investigators find leads they then can use to bust other dark web users.


Through Operation onymous, which was an international law enforcement operation targeting dark web markets and other services operating on the TOR network, marketplaces such as Silk Road 2.0, Hydra and Cloud 9 were seized and shut down.


The operation provided information that led to up to 17 arrests in different countries. One of the arrests made during the operation was of a Durham couple who were operating as cannabis shop on Silk Road 2.0.
Users of the dark web markets may leave digital footprints in open forums or public documents that eventually disclose their identities to investigators.
Ross Ulbricht the creator of the original Silk Road marketplace had his identity revealed by a special agent with the Criminal investigation Unit of the Internal Revenue Service (IRS) Gary Alford, who after googling the onion address of Silk Road on the normal internet, found an advertisement made by Ulbricht on a famous bitcoin forum bitcoin.org under the username altoid in a bid to attract more customers onto the Silk Road. A post from several months later on the same forum showed the personal email of Ulbricht in the text of the post, a later search on his email confirmed that he had set up an account on bitcoin.org under his personal email address.


Availability of his personal information highly contributed to his arrest and conviction resulting in a life sentence without parole.
A simple google search took down Ross Ulbricht who was a major player in the development of all dark web markets.
Undercover Operations

Due to availability of tools that provide users with anonymity, it is impossible to really know who is at the other end of a conversation. Law enforcement have taken advantage of these anonymity tools and posed as vendors, buyers or even administrators of marketplaces without the knowledge of other users. This has enabled them to bring down marketplaces while also busting the administrators, vendors and buyers.


Dutch Law enforcement took control of Hansa on June 20 this year after arresting two of its administrators in Germany. They secretly ran the site while monitoring activities of the users. They were able to obtain addresses and identities of a majority of the users.


The undercover operation led to arrest of a number of Hansa users. In the Netherlands the law enforcement arrested a 28 years old man for allegedly selling cannabis both domestically and internationally through the Hansa site using Quality weeds as his vendor name.


Other arrests attributed to the undercover operation by the Dutch authorities at Hansa has been made in other countries such as Australia by the Australian Federal Police (AFP).
Hacking

Authorities have tried to circumvent TOR by attacking the endpoint which is usually the computers being used by the individuals visiting the dark web sites. Hacking could be the most effective way of identifying users since once it is successful, a large number of computers can be unmasked and the IP addresses of the users can be disclosed.
Back in February 2015, the FBI seized a dark web child pornography site Playpen in an operation called Operation pacifier and ran the site from a government facility in Virginia for two weeks. During this time the agency deployed a hacking tool they called Network Investigative Technique (NIT). The tool was used to expose IP addresses of those accessing the site on the assumption that they were either trying to distribute or access child pornography.


Using the NIT the FBI were able to obtain over a thousand users of playpen users based in the US.
The hacking operation resulted into arrests of more than 135 people in 18 states in the US over child pornography cases.
URL bar: about:config
search: java
Disable Javascript.enabled :true
Will become: Javascript.enabled : false (disabled)
 

VictorBands98

Established Contributor
Regular Member
Joined
Apr 11, 2022
Threads
20
Post Replies
158
Status
online
Last seen
Thank you, i've been toggling noscript everytime I used tor for the past 4 years. Never knew it was that simple, but I guess you could say that for a lot of things here on the dw.
 

StormOneOnly

Established Contributor
Regular Member
Joined
Jun 5, 2022
Threads
13
Post Replies
163
Status
away
Last seen
Also disable webgl, and put your tor settings to SAFEST.
Can you elaborate on this a bit more?
Maybe link any relevant information that explains how and what the implications of WebGL are.
 

StormOneOnly

Established Contributor
Regular Member
Joined
Jun 5, 2022
Threads
13
Post Replies
163
Status
away
Last seen
ty for reply.. would i be safe googling "illegal" shit on my burner laptop with a vpn on home wifi?
First, you shouldn't be using "GOOGLE" . Also, I really suggest you read the "DMB". It has a lot of useful (safe) tips.
 

VictorBands98

Established Contributor
Regular Member
Joined
Apr 11, 2022
Threads
20
Post Replies
158
Status
online
Last seen
ok what should i use? ty btw
DuckDuckGo is good. I've even found that Yandex (Russian Google, basically) isn't bad. They have an english version, yandex.eu . Both work fine for me with javascript disabled and browser set on the highest security level.
 

StormOneOnly

Established Contributor
Regular Member
Joined
Jun 5, 2022
Threads
13
Post Replies
163
Status
away
Last seen
DuckDuckGo is good. I've even found that Yandex (Russian Google, basically) isn't bad. They have an english version, yandex.eu . Both work fine for me with javascript disabled and browser set on the highest security level.
What do you think of Ahmia.fi?
 

VictorBands98

Established Contributor
Regular Member
Joined
Apr 11, 2022
Threads
20
Post Replies
158
Status
online
Last seen
a vpn hides your traffic from the internet company and no one else. it is not security. never do anything on vpn that you would not do without & assume vpn traffic is public
 

StormOneOnly

Established Contributor
Regular Member
Joined
Jun 5, 2022
Threads
13
Post Replies
163
Status
away
Last seen
a vpn hides your traffic from the internet company and no one else. it is not security. never do anything on vpn that you would not do without & assume vpn traffic is public
VPN hides your traffic from the internet company and your actual ip address from the sites you connect to. Especially with javascript disabled. It also hides your traffic from the public or home router (unless it is ON your router) and anybody who happens to be sniffing your wifi traffic, or trying to access it anywhere between your computer and your VPN server.

It hides pretty much all metadata from your ISP (except for amount of data sent/received, speed of transmission, the ip address of the VPN server, and the dates/times you are connected), especially when not using encrypted communications (http web browsing, ftp, p2p/bittorrent, etc) while also blocking info about your identity and location from the sites you visit if your VPN and OpSec are any good.

If you have a GOOD VPN, you can assume your traffic all the way up to the VPN server that you connect to is private, and if you use https, ssh, sftp (not actually sure this is all that secure these days since everybody seems to recommend ssh instead), or Tor it's safe even after leaving your VPN's server too.

VPN's can be excellent for your safety and anonymity. You just gotta know what you are doing and make sure you're using a good VPN, that's all.
 

Users who are viewing this thread

Top