Criminals and Bitcoins seized in FBI/EC3 crackdown on Tor dark markets

News by Doug Drinkwater

The FBI, the European Cybercrime Centre (EC3) and other high-profile law enforcement agencies are celebrating the take-down of 410 'dark markets' on Tor which was selling drugs, weapons and other illegal goods.

Just 24 hours after the FBI announced that it had arrested 26-year-old Blake Benthall, a key figure behind the Silk Road 2.0 website, EC3 put out its own release detailing how both law enforcement agencies had facilitated a joint action – entitled Operation Onymous - against dark markets running as hidden services on the Tor networks.

This collaboration involved 15 EU member states and other counterparts from the US and saw the law enforcement agencies bring down various marketplaces as part of a unified international action from Europol's cooperational coordination centre at The Hague in the Netherlands.

EC3's own J-CAT – which was exclusively revealed by SC earlier this year – also supported the operation although the specific details of that collaboration are unknown at this stage. The J-CAT was launched in September to serve as a platform for targeted operations against global criminal networks and infrastructure, carried out by EC3 and EU member state employees stationed permanently at Europol's headquarters.

As with the Silk Road 2.0 takedown, the objective has been primarily to stop the sale, distribution and promotion of illegal and harmful items such as weapons, drugs and even cyber-crime-as-a-service tools.

The crackdown in Operation Onymous has resulted in the arrest of 17 vendors and administrators running these services as well as the takedown of more than 410 hidden services on a Tor network which is commonly used by the likes of criminals, activists and journalists to conceal their IP address and hide their online browsing activities. The bust also saw law enforcement seize Bitcoins worth approximately US$ 1 million, €180 000 euro in cash, as well as drugs, gold and silver.

“Today we have demonstrated that, together, we are able to efficiently remove vital criminal infrastructures that are supporting serious organised crime,” said EC3 head Troels Oerting in a statement.

“And we are not 'just' removing these services from the open Internet; this time we have also hit services on the Darknet using Tor where, for a long time, criminals have considered themselves beyond reach. We can now show that they are neither invisible nor untouchable. The criminals can run but they can't hide. And our work continues.”

“Our efforts have disrupted a website that allows illicit black-market activities to evolve and expand, and provides a safe haven for illegal vices, such as child pornography, weapons distribution, drug trafficking and murder-for-hire,” said Kumar Kibble, regional attaché for HSI in Germany.  “HSI will continue to work in partnership with Europol and its law enforcement partners around the world to hold criminals who use anonymous Internet software for illegal activities accountable for their actions.”

Speaking to SC recently, EC3 head of operations Paul Gillen detailed how collaboration is the only way the cyber-crime community can move forward.

“We're pushing an open door; the cyber-crime investigation community agrees that this is the only way they can work. We will have to ‘suck it and see'. We will have some success and some failures along the way, but we must work together if we are to make the internet a safe place.”

He added that law enforcement cannot afford for there to be any ‘weak links in the chain' as far as countries go, and said that people won't necessarily go the police to get the appropriate information on cyber-crime.

“The police are not the best place to get information on cyber,” admits Gillen. “That information is with private companies, victims of cyber-crime, financial institutions, ISPs, hosted companies…”

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews