Vulnerabilities / Threats
10/2/2013
02:44 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Silk Road Founder Arrested

Infamous online black market alleged to have generated $1.2 billion in sales of illegal products and services since 2011.

9 Android Apps To Improve Security, Privacy
9 Android Apps To Improve Security, Privacy
(click image for larger view)
The FBI has arrested the founder of Silk Road, perhaps the most notorious online marketplace for illegal products and services.

Ross William Ulbricht, 29, was arrested in San Francisco, Calif., on Tuesday. Also known as Dread Pirate Roberts, Ulbricht is charged with conspiracy to distribute narcotics, computer hacking and money laundering, according to court documents posted by security writer Brian Krebs.

During the more than two years that the online black market is said to have operated, authorities estimate that Silk Road generated over $1.2 billion in sales and $80 million in commissions, paid in the cryptographic currency of Bitcoins.

Silk Road, according to the complaint, offered a variety of illicit goods, including a wide variety of narcotics, hacking tools, forged documents, services for hacking accounts at social networking sites such as Facebook and Twitter, and resources for obtaining stolen account data and for getting in touch with arms dealers and assassins.

[ Google continues to face legal headaches over its email scanning and Wi-Fi data collection practices. Read Google Wiretapping Lawsuits Can Proceed, Judges Say. ]

Ulbricht is also alleged to have solicited the murder of a Silk Road user, "FriendlyChemist," who hacked the service, obtained information about customers and then threatened to publish the data unless paid $500,000, according to the complaint filed in a New York court. "FriendlyChemist" ostensibly wanted this money to pay off a narcotics debt.

Based on email messages described in the complaint, Ulbricht asked "FriendlyChemist" to have the people who were owed money get in touch. When someone identified as "readandwhite" did so, Ulbricht allegedly offered a bounty for the execution of "FriendlyChemist," though he has not been charged with soliciting murder.

Faced with a hit estimate of $150,000 to $300,000, depending upon the level of professionalism employed, Ulbricht is said to have tried to bargain the price down, noting, "Not long ago I had a clean hit done for $80K." The negotiation for a lower fee appears to have been unsuccessful: The complaint indicates that Ulbricht dispensed 1,670 bitcoins, about $150,000, for the job.

But Ulbricht might not have gotten what he supposedly paid for: Despite "redandwhite's" assurance that the job was done, with a picture sent as proof, FBI special agent Christopher Tarbell says in the complaint that he spoke with authorities in Canada where "FriendlyChemist" was said to live and that there's no record of a resident of the town of White Rock, British Columbia, who went by the name provided to "readandwhite" and there is no record of a murder in the town during the period in question.

Ulbricht's arrest appears to have been made possible by "a routine border search" conducted in July by U.S. Customs and Border Production of a package containing fake identity documents sent from Canada to Ulbricht's address in San Francisco.

Robert Graham, founder of Errata Security, notes in a blog post that recent revelations about government data collection, particularly the activities of the DEA's Special Operations Division and the NSA, underscore the difficulty of challenging the constitutionality of government evidence gathering.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Ninja
10/2/2013 | 10:10:16 PM
re: Silk Road Founder Arrested
I'm curious about whether Graham's speculation is correct. What if CBP was tipped off to the package by an intelligence gathering scheme of dubious legality?
LuJ787
50%
50%
LuJ787,
User Rank: Apprentice
10/2/2013 | 8:27:25 PM
re: Silk Road Founder Arrested
I find it hilarious that this black market 'KingPin' was stupid enough to have Illegal identification sent FROM a foreign country TO his home address. Did he not realize the level of scrutiny packages going cross border undergo? Lol.

Not so bright after all!!
sharongr
50%
50%
sharongr,
User Rank: Apprentice
10/2/2013 | 8:19:33 PM
re: Silk Road Founder Arrested
I find it fascinating that "authorities estimate that Silk Road generated over $1.2 billion (that's with a "B" folks) in sales and $80 million in commissions" and our government, the so-called "authorities" can't seem to generate enough to pay their own bills and resort to shutting down the government over egos and nonsense! What a world we live in!
OtherJimDonahue
50%
50%
OtherJimDonahue,
User Rank: Apprentice
10/2/2013 | 7:58:05 PM
re: Silk Road Founder Arrested
Wow ... the back roads of the Internet can be pretty scary, can't they?
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0750
Published: 2015-05-22
The administrative web interface in Cisco Hosted Collaboration Solution (HCS) 10.6(1) and earlier allows remote authenticated users to execute arbitrary commands via crafted input to unspecified fields, aka Bug ID CSCut02786.

CVE-2012-1978
Published: 2015-05-21
Multiple cross-site request forgery (CSRF) vulnerabilities in Simple PHP Agenda 2.2.8 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add an administrator via a request to auth/process.php, (2) delete an administrator via a request to auth/admi...

CVE-2015-0741
Published: 2015-05-21
Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Prime Central for Hosted Collaboration Solution (PC4HCS) 10.6(1) and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut04596.

CVE-2015-0742
Published: 2015-05-21
The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registrati...

CVE-2015-0746
Published: 2015-05-21
The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a denial of service (API outage) by sending many requests, aka Bug ID CSCut62022.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.