Scams, Hacks and Poor Management: Life After Silk Road

27 April 2014

When US authorities busted up the Silk Road and arrested alleged kingpin Ross Ulbricht last fall, it didn’t mean the end of online drugs-for-bitcoin markets. Alternative trading posts popped up immediately, and existing ones expanded to accommodate displaced buyers and sellers.


However, the sites have been rocked by thefts, more arrests and other troubles, leading some customers and even investigators to wax nostalgic about the “original” Dread Pirate Roberts, as Silk Road’s founder called himself.

One customer, who goes by the nickname ‘hugs’, wrote in a message to CoinDesk:

“[Chaos] is the word that I would choose to describe the landscape as it has morphed and changed after SilkRoad’s seizure. Many sites have come and gone […] many of them developing quite a following before being shut down or hacked. Buyers and vendors alike have been on a constant search for a stable market, one that will be around for longer than a couple of months.”

One law enforcement source said the new markets are barely worth investigating at this point. He raised February’s heist of thousands of bitcoins from Silk Road 2.0 as an example of bad management:

“When the original Dread was running it, that never happened. It’s not being run as well.”

The law enforcement source, who spoke on condition of anonymity, said he was involved in the original Silk Road investigation, but now is just keeping an eye on Silk Road 2.0 in the background.

In fact, he’s not sure any law enforcement agencies are making Silk Road 2.0 or other online drug markets a priority.

Silk Road 2.0’s first admin styled himself as Dread Pirate Roberts, just as Ulbricht is alleged to have done, but he disappeared from the scene after three of the site’s alleged moderators were arrested in December, and the site’s new administrator calls himself ‘Defcon’.

Users don’t know who to trust

Other sites that have positioned themselves as Silk Road alternatives include the Sheep Marketplace, Black Market Reloaded, Utopia, Agora, Pandora, BlueSky and many others; some of these sites have shut down, while others are still accessible on the deep web via the Tor browser.

Bitcoin-branded ecstasy pills. Image via www.pillreports.com

Of the current crop, ‘hugs’ named Agora as the most stable, saying its administrators appear to be working diligently to gain user trust. But so far, no would-be mastermind seems to be able to fill the shoes of the original Dread Pirate Roberts.

For one thing, many have failed to keep users’ bitcoins safe. In addition to the Silk Road 2.0 theft, another deep web trading post, Sheep Marketplace, reported a $6m heist and shut down in late 2013. In March, the market known as Pandora reported a theft of $250,000 in bitcoin, promised repayment, and stayed open.

Because of the anonymous nature of these markets, it’s difficult for users to know if the sites were really hacked, or if the administrators just absconded with their bitcoins. The law enforcement source added:

“Either the administrators don’t have the level of expertise or the dedication to the web site that [the original DPR] did, or it could be that they’re running a scam.”

Users have tried following bitcoin movements through the block chain for clues, but that is probably a futile pursuit, according to University of California-San Diego cryptographer Sarah Meiklejohn. She wrote in an email:

“It would be difficult to verify just from block chain analysis if a theft were carried out by external thieves or by the owners of the service, since the movement of the bitcoins would presumably be the same either way. If you saw the bitcoins deposited into an exchange, and then asked that exchange who the real-world owner of that account was, you might learn something, but (1) that’s not something that most users can do, and (2) operators of dark marketplaces are almost certainly not using their real names anyway. So basically, that doesn’t seem possible.”

This leads users to be a bit jumpy. When a market has a temporary outage, threads pop up on reddit speculating whether the site’s organizers have taken the money and run.

When Sheep Marketplace claimed it was robbed, users had already been speculating for days that a scam was in the works, since they had been unable to withdraw bitcoins from their accounts.

The aftermath of hacks

Silk Road 2.0 administrators appear to be making good on promises to reimburse users for losses following the alleged transaction malleability attack that hit the site in February.

Defcon posted on the site’s forums in early April that half the victims had been fully repaid, and that 100% had received at least a partial payment. He set 9th June as a rough target for full repayment.

A screenshot of Silk Road 2.0 user balances, from admin Defcon. Image via Motherboard

A number of Silk Road 2.0 users commented in the forum that they had indeed received payment; however, a few said they had received nothing as of early April. In turn, many users have not yet logged in to claim their reimbursement, according to the site’s administrator.

Other markets have handled things far differently. Sheep Marketplace’s admins vanished after claiming theft. And the admin of Project Black Flag openly admitted pocketing users’ bitcoins when he shut down the market last fall.

“[It] makes us realize once again how cool and proper Ross Ulbricht (allegedly) was. He could have fleeced people but instead he empowered people. Sad loss,” reddit user ‘bitchrome’ commented in a discussion about the Sheep Marketplace shutdown.

Another reddit user, ‘JAMDIAM’, sounded fed up with post-Silk Road markets:

“I don’t eff with these markets anymore for two reasons: 1) They’re clearly crawling with Feds. 2) The management of these sites will never match the original DPR (aka Ross Ulbricht).”

Ross Ulbricht denies the FBI allegations and is currently in a New York detention centre awaiting trial.

Improving security

To prevent future thefts, Defcon removed Silk Road 2.0’s centralized escrow system, writing on the market’s forum that “Centralization makes a market a huge target for attackers, and a huge target for dishonest administrators.”

Instead, Defcon said the market will move to a multi-signature escrow system, in which a single person cannot move funds without agreement from one or more other signers. BlackBank, Cannabis Road, Cloud-Nine, DarkBay, Hydra, The Marketplace and Tor Bazaar are all listed as multisig markets on the darknetmarkets subreddit.

Dark market shopper ‘hugs’ clarified:

“I think that within the next year we will see [multisignature escrow] become the standard for markets across the board. Vendors are tired of having their hard-earned money stolen or hacked, as are users. There are enough stressors in this business without the constant worry of dishonest or incompetent market admins to add to the list.”

‘Hugs’ added: “My hope is that multi-signature escrow will work to alleviate the fear of market scams. Although traditional escrow is currently much less complicated and more convenient for the average buyer, I think we’ll soon begin to see multi-sig simplified and implemented in a way that even the most technologically deficient buyers [such as myself] can still take advantage of its benefits.”

Of course, if the illegal marketplaces succeed in gaining customer trust – and, as a result, higher sales – they will also become a much larger target for law enforcement.

“I don’t know how much interest law enforcement has in Silk Road 2.0 right now. When they get up and start running hard, maybe they’ll start taking a harder look at it,” said the Silk Road investigator.

Pills Image via Shutterstock