Cybercrime Investigator Says Police Use “Covert Investigators” to Catch Darknet Vendors

The Attorney General at the Central Office for Combatting Cybercrime (ZIT), spoke with two famed ARD journalists about handling darknet crime. Both reporters, Annette Dittert and Daniel Moßbrucker, previously created a documentary on the darknet. While their interview with the ZIT’s Attorney General, Andrew May, covered the same topics, the interview and documentary were separate projects.

Weapons, drugs, and child pornography topics received the most attention. The interviewers asked May how cybercrime (on the darknet) had changed over time. May talked about methods by which darknet dealers learned to utilize to outsmart the law. Another topic discussed involved how law enforcement dealt with the modern forms of encryption and a criminal’s ability to be nearly anonymous.

May explained that he started investigating the darknet four years ago. Back then, he said, mostly “soft drugs” populated the marketplaces. During the four years he worked at the ZIT, investigating the darknet, he saw it develop into something much more diverse. An ecosystem instead of forums and marketplaces. People see the darknet as a quick and easy way to turn a profit in the drug market, he said. In the real world, so to speak, the same people avoided these types of situations.

He explained the process involved in catching the dealers. The sellers too, but Annette Dittert and Daniel Moßbrucker asked specifically about the dealers. May told them that he could not give a complete answer for many reasons—one being operational security. He then went on and explained several instances where the NIT investigators gained access to the vendor profile and conducted business as usual. Buyers assumed, likely for a significant period, of time, that the drugs still came from the original supplier. One-by-one—or in the Chemical Love case, all at once—officers arrested buyers. Investigators performed similar moves when taking down The Love Zone.

The interviewers asked May if the use of modern encryption made the job frustrating. “How do they [ZIT] get these people anyway,” they asked. He explained that technical teams break into a drug dealer’s device. The encryption was impossible to crack through technical investigations. “We use mainly covert investigators who buy drugs to get in touch with dealers and try to lure them into a trap,” he explained.” If this is successful, the authorities can, under certain conditions, take over the account and thus come to other persons who are active in this network,” he added—referring to the darknet.

He explained that ZIT investigators often stopped some cases for safety or other reasons. “We are particularly proud of the fact that we could identify some of the arms traders – because of course, there is a particular danger to arms trafficking,” he said. However, cases against child pornography websites often took a turn for the worse when the suspect or site required the undercover officer to upload pictures of their own to validate their authenticity. “This is, of course, a crime that we are not allowed to commit,” he ended.

At the end of the conversation, the interviewers brought up banning the encryption or tools used to access the darknet. May explained that while the modern technology made law enforcement step their game up, banning said technology or software is not feasible. Plus, he said, the same stuff: drugs, child pornography, and weapons are found on Google—if one looks hard enough.

weapons from a ZIT operation.