14 DAY TRIAL // The arrest of 29-year-old Ross William Ulbricht, aka “Dread Pirate Roberts,” the alleged mastermind behind the online drug market Silk Road, shows that even the most successful cyber criminals can make mistakes that ultimately lead to their arrest.
The 39-page complaint filed against Ulbricht provides some important details as to how authorities have managed to identify him.
Ulbricht has taken several measures to make sure no one would find out his identity. He only talked via anonymous online chat and he never agreed to meet anyone in person.
However, it appears that when you’re running one of the largest online drug markets, you have a lot on your plate, so you’re bound to make some mistakes.
According to the FBI, Ulbricht made the first mistakes back when he was trying to advertise Silk Road on various websites.
He published several posts with the username “Altoid.” However, in a post made on Bitcointalk.org while looking for “an IT pro in the Bitcoin community,” Ulbricht instructed users to send their responses to the [email protected] email address.
The subscriber records obtained by authorities from Google indicated that the Gmail account was registered to one Ross Ulbricht. On his Google+ profile investigators have found several YouTube videos referencing the Mises Institute, considered the “world center of the Australian School of economics.”
The FBI noticed that Dread Pirate Roberts had often referenced the work of the Mises Institute in his postings on Silk Road.
Another clue that linked Ulbricht to the operator of Silk Road was a post published on StackOverflow.com. He used his real name to inquire about connecting to a TOR hidden service “using curl in PHP.”
He later changed the username to “frosty.” Several weeks later, he also changed the email address from his Gmail address to [email protected].
Analysis of the Silk Road web server indicated the fact that several lines of code quoted in the StackOverflow posting were identical to ones used for Silk Road.
An examination of the SSL public encryption key from the Silk Road server also showed that the administrator had a computer named “frosty” with a user account also named “frosty.”