The darknet market world has been hit by news of multiple relatively high-profile arrests over the past week, notably the Quantik USA bust and the Dutch money laundering ring arrests. The ten individuals arrested in Louisiana in the Quantik bust were the prime reshippers for the largest seller of Xanax on the darknet markets. The police also seized nearly 100,000 pills of Xanax. In the Dutch case, another ten individuals were arrested for laundering nearly $22 million of darknet drug sale proceeds. While these news releases may make it seem that law enforcement scrutiny on darknet activities has increased, this fear is entirely overblown. If these cases teach us anything, it’s that our obsession with online opsec is much less important than our real life opsec.
The Quantik USA ring was not caught because they didn’t use a VPN, or had an old version of Tor, or because they didn’t properly tumble their bitcoin before cashing out. They were caught because they were idiots in real life. One of the leaders had been arrested six times in the past five years and another had been arrested five times, frequently for drug charges. They were obviously known suspects to the local law enforcement. And their organization was clearly too large. The more people that know about darknet activity, the easier it is for one to let something slip. The individuals involved were likely making hundreds of trips to the post office to reship the packages. In a small town, this could have easily raised suspicion.
It’s the same situation with the Dutch money laundering case. The suspects weren’t arrested because law enforcement followed the blockchain and traced illicit bitcoin to them. They were caught because they were transferring massive amounts of money into their bank accounts, cashing out from ATMs immediately, and spending it on expensive cars. That kind of behavior is an immediate red flag for a bank compliance officer, who can then directly alert law enforcement. Their online opsec might have been excellent. They may have made no mistakes in their laundering process. But their stupidity in how they used their profits in real life got them arrested.
Recently, news came out about the FBI hacking thousands of computers in an effort to take down child pornography websites. By hacking the site, the FBI was able to identify IP addresses even if individuals visited the site on Tor. This information directly led to two arrests last summer. The use of de-anonymization work in this case is an absolute outlier, though. The FBI is much more willing, rightfully so, to go after child pornography in this kind of aggressive way than they are towards someone buying a small amount of weed online.
This is not to say that online opsec doesn’t matter. Guarding darknet activity is still exceedingly important. But more people on the darknet need to take better care with their real life opsec. Using all the appropriate methods and technology means nothing if you’re bragging about your activity to friends or bringing down law enforcement scrutiny for reasons unrelated to the darknet.
It’s a new year. Let’s all resolve to be smart both in the darknet markets and away from our computers in 2016.