Silk Road Case : Operators say they paid thousands of Dollars to prevent malware, DDoS and vulnerability attacks
The Silk Road hearing which is going on at Southern District of New York and overseen by District Judge Katherine Forrest is throwing up surprising facets of operating a illegal website. Silk Road which was operating on Tor anonymiser network and dealing in drugs and contraband goods and had to pay thousands of dollars per month to cyber extortionists.
Much more like a mafia organisation in the physical world which has to pay off several authorities to avoid raids, seizures and detection, Silk Road which was operating outside of law had to depend on payoffs to survive, it seems.
The Silk Road marketplace founders found themselves paying thousands of dollars to cyber extortionists who threatened to expose serious site vulnerabilities or hit it with denial of service attacks in 2012 and 2013 , according to evidence presented in a Manhattan federal court on Wednesday.
This information was given during the testimony by U.S. Internal Revenue Service special agent Gary Alford. Alford had served subpoena on emails of defendant Ross Ulbricht as part of his investigation.
Ross Ulbricht who is considered to be the mastermind behind the illegal drug selling website, Silk Road, was arrested October, 2013 by FBI during world wide operation and is on trial for narcotics and criminal enterprise related charges in relation to Silk Road.
According to evidence provided by prosecutors, Silk Road facilitated the exchange of $1.2 billion in illegal goods, mostly drugs, and generated $80 million in commissions for the operators from 2011 until October 2013 till its winding up due to FBI raid. Called the eBay of underworld and dealing with contraband, Silk Road facilitated the meet up between buyers and sellers pretty much like real world eBay. Silk Road used bitcoins as transaction mode of payment for goods that were delivered to the buyers through the mail.
Prosecutors said that Silk Road operators paid cyber criminals extortion to keep the Silk Road free of attacks and keep it running at least on two occasions. Alford showed the court an email received by Silk Road in November 2012 from an anonymous sender who claimed to have found a serious vulnerability in the site’s software. In exchange for not exposing the flaw to public, the anonymous emailer asked a ransom of $5,000 in exchange for not exposing the flaw and $15,000 for full details on how the flaw operated and how it could be exploited.
A spreadsheet found on the computer belonging to Ulbritch and seized during the arrest suggests that $15,000 was paid out to the anonymous email sender for complete details of the flaw. The spreadsheet contains an entry for a debit for that amount was annotated with the phrase “pay off hacker.”
Another evidence of ransom payoff comes from the chat log files between the Silk Road admin identified as Dread Pirate Roberts allegedly a online handle of Ulbritch and another administrator of the site, also indicate the extortion fee was paid. The fellow administrator consoled Dread Pirate Roberts by writing: “You’re still way richer than he is.”
In April 2013, Silk Road was threatened again, only this time a anonymous entity threatened to hit Silk Road with a distributed denial of service (DDOS) attack which would have hampered the business for Ulbritch and his associates. Again Silk Road operators paid $10,000 to stop this attack, according to the site’s ledger. The anonymous entity however carried out the attack despite the payoff according to Dread Pirate Roberts chat logs.
Alford also testified that Silk Road was selling hacking tools to willing buyers in addition to drugs. Alford testified to have bought a “Hacking Pack,” that included 115 “hacking tools and programs” from the site while operating undercover. Alford stated that after buying the “Hacking Pack”, the seller emailed him a list of links to download the programs, including some that supposedly offered the ability to remotely take control of a Web site.
The case is poised at an interesting phase with the federal prosecutors maintaining Ulbricht as the mastermind behind the Silk Road site while the defense lawyers for Ulbricht say he is a fall guy. Ulbricht’s defense lawyer, Joshua Dratel, argued in the court that Ulbricht handed off the Silk Road to other operators shortly after he started it, and that he rejoined immediately prior to his arrest, lured back in by the new operators to serve as a fall guy.
Ulbritch has been charged with narcotics conspiracy, engaging in a continuing criminal enterprise, conspiracy to commit computer hacking and money laundering. If the charges are proved, Ulbritch may serve maximum penalties of life in prison. Ulbricht has plead not guilty to all charges.