Saturday, May 6, 2017

Authorities Bust Bloomsfield Market Owner in Slovakia

On May 4, Europol announced the arrest of a darknet vendor in Slovakia. With surprisingly little enthusiasm, they also revealed that Slovakian law enforcement seized computer equipment that, at one time, hosted a darknet marketplace. Europol compared information from the computer with their own information and confirmed that the darknet vendor also owned and maintained a darknet market.

Police in Slovakia raided five locations and found five firearms, more than five hundred rounds of ammunition, and a large cannabis grow op. They called it a “sophisticated indoor cannabis plantation” and reported a total of 58 plants. Furthermore​, we discovered, police seized the computers and performed a preliminary forensic analysis while on the crime scene. Adding another layer of confusion, news outlets clarified that authorities arrested two darknet vendors: a 28-year-old known as Luke and a 33-year-old known as Adam.

Despite the abundance of information law enforcement gathered and the lack of information they provided to the public, another darknet entity publicly identified one of the vendors in December 2015. Europol avoided any mention of the market that the local authorities discovered and similarly left out any vendor information. But “TheRealDeal,” an entity behind the notorious yet controversial marketplace of the same name, fell into a discussion with “Inspector” here on DeepDotWeb.

“They [Reddit] think about it like about most critical opsec failure,” Inspector said, speaking of TheRealDeal market’s sudden death and subsequent rebirth. The entire saga took ages to unfold and is not, in complete entirety, relevant to the news at hand. As such, only the most immediately useful pieces of dialog are used in this article. Moving on, the inflammatory commentator repeatedly hurled insults at TRD. In return, TRD warned the entity that it was in his best interest to stop. Inspector continued, in spite of the warnings.

“We are done being diplomatic with you,” TRD began. “Inspector, owner of the failing Bloomsfield market, If you had any understanding of basic security you would know PGP uses a random seed to compute its key.” TRD connected Inspector to Bloomsfield market, a marketplace nearing failure at the time, and continued: “So why do you allow anyone to download this random seed at any time? spr3udtjiegxevzt.onion/application/storage/gnupg/randomseed.” He drove the nail even deeper by adding another link that exposed the PGP keys of every Bloomsfield user.

The two went back and forth for some time and the Inspector kept forgetting that TRD held the high ground before the quarrel even began. TRD warned the Bloomsfield marketplace admin, owner, and vendor that he was not paying around. The Inspector kept pushing TRD and TRD kept fulfilling his threats; he connected the anonymous account on DeepDotWeb to Bloomsfield, to a BitcoinTalk profile, to half-a-dozen Reddit accounts, to biocanna – an active participant in several cannabis cultivation forums.

And before adding that the Bloomsfield owner lived in Slovakia, he pointed to an OPSEC nightmare. “You also do not proxy any requests coming out of your market’s server, and when those requests fail, your server’s ip gets exposed in an error…” It turned into pure comedic-gold. To establish a connection between Bloomsfield and the darknet market in the Europol announcement, we only needed a single link: the marketplace URL.

After accessing the Bloomsfield .onion site, the page loads with the same page that Europol displayed in the press release. The rest of the details line up well too, but they are a tale of fire another time.

In addition to the weaponry, ammunition, and cannabis plants, police officers found a Bitcoin wallet with $222,967 in Bitcoin. Investigators believe this came from his darknet vending but have not yet gathered supporting evidence. The second vendor, one only mentioned in connection with the firearms, landed in police custody during one of the final house raids. And according to Europol, a whopping 10kg “had been purchased through this channel.”​

“The server used by the suspect to host the Darknet marketplace was also seized during the raids and is currently being forensically analyzed,” Europol’s announcement outlined. “Slovak authorities and Europol have extended the investigation into the users and vendors who utilised the marketplace.” If anyone other than Luke—the 28-year-old owner of the market—conducted business in the platform, Europol will have a field day.

0 komentar: