The FBI finally reveals how it found Silk Road’s server

Nearly a year after Silk Road was brought down by the FBI, police are finally shedding light on how they found the location of Silk Road’s server in Reykjavik, Iceland.

Ross Ulbricht, the man they claim was the mastermind behind the Deep Web black market, made a mistake configuring the site that leaked out Silk Road’s IP address and physical location, Wired reports.

The question of just how the FBI located and penetrated Silk Road’s servers has long been left unanswered, leaving many, including Ulbricht’s defense team, to wonder if the government used illegal methods to gain access.

At the FBI’s New York field office in June 2013, agents on the Silk Road website noticed data being returned from an IP address outside of the Tor network. When they directed their browser to that IP, the Silk Road login page appeared.

“This indicated that the Subject IP Address was the IP address of the SR Server,” FBI special agent Christopher Tarbell wrote, “and that it was ‘leaking’ from the SR Server because the computer code underlying the login interface was not properly configured at the time to work on Tor.”

That’s when they knew Silk Road’s servers, which the FBI said hosted by far the largest website on Tor at the time, were rented from a third party in Iceland. They were able to contact Reykjavik police to silently access and make a copy of the server.

If this account is true, it’s the result of extraordinarily poor decisions from Ulbricht. Rather than restricting the server to traffic from Tor exit nodes, which would have prevented this leak, Ulbricht left it answering direct requests, and that oversight gave away the goldmine.

Many observers will remain unconvinced. Accusations of parallel construction have plagued not only the FBI but all federal law enforcement agencies. Last year, Snowden leaks revealed that the NSA shared secret intelligence with the Drug Enforcement Agency, which then disseminated it further to help investigations as deemed necessary. The NSA’s assistance could allow investigators to circumvent civil rights laws in an effort to make an arrest.

Ever since the October 2013 fall of Silk Road, questions have arisen about whether the FBI’s investigative techniques were entirely legal. In fact, Tarbell’s new explanation comes in response to allegations of illegal spying and demands from Ulbricht’s team to unveil the methods behind the investigation.

“Ulbricht offers no evidence of any governmental misconduct to support this sweeping claim,” prosecutors wrote. “Instead, Ulbricht conjures up a bogeyman—the National Security Agency (“NSA”)—which Ulbricht suspects, without any proof whatsoever, was responsible for locating the Silk Road server, in a manner that he simply assumes somehow violated the Fourth Amendment.”

It remains to be seen whether or not the judge will accept Tarbell’s explanation. Information security experts looking at the case are still deciding on plausibility but are in agreement that, if true, it’s a hell of a disappointment.


H/T Wired | Photo via Jeffrey Beall/Flickr (CC BY-SA 2.0) | Remixed by Fran Berkman

Patrick Howell O'Neill

Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.