Menu
Silk Road paid thousands in shake-downs from malicious hackers

Silk Road paid thousands in shake-downs from malicious hackers

The Silk Road online drug marketplace was routinely bedeviled by extortionists

When operating outside of the law, you can't exactly rely on the police to protect your illegal enterprise from other criminals.

The Silk Road marketplace founders likely learned this lesson in 2012 and 2013, after paying thousands of dollars to cyber extortionists who threatened to expose serious site vulnerabilities or hit it with denial of service attacks, according to evidence presented in a Manhattan federal court on Wednesday.

The extortion information emerged during testimony from U.S. Internal Revenue Service special agent Gary Alford, who had subpoenaed the emails of defendant Ross Ulbricht as part of his investigation. Ulbricht is on trial at the U.S. District Court for the Southern District of New York for narcotics and criminal enterprise charges in relation to Silk Road.

According to prosecutors, Silk Road facilitated the exchange of $1.2 billion in illegal goods, mostly drugs, and generated $80 million in commissions for the operators from 2011 until October 2013, when the site was shuttered by law enforcement. Like an eBay for unlawful goods, Silk Road matched sellers with buyers, who used bitcoins to pay for goods that were delivered through the mail.

On at least two separate occasions, Silk Road operators paid malicious attackers ransoms in exchange for keeping the site up and secure.

During his testimony, Alford showed an email received by Silk Road in November 2012 claiming to have found a serious vulnerability in the site's software. The e-mail, from an anonymous sender, asked $5,000 in exchange for not exposing the flaw, or $15,000 to offer full details on how the flaw operated and how it could be exploited.

A spreadsheet found on the computer Ulbricht was using at the time of his arrest suggested that $15,000 was paid out shortly after the email was received. An entry for a debit for that amount was annotated with the phrase "pay off hacker."

Chat log files between the Silk Road admin identified as Dread Pirate Roberts -- whom prosecutors have alleged is Ulbricht -- and another administrator of the site, also indicate the extortion fee was paid. The fellow administrator consoled Dread Pirate Roberts by writing: "You're still way richer than he is."

In April 2013, Silk Road was subjected to another shake-down. An anonymous party had hit the site with a distributed denial of service (DDOS) attack, which can congest servers to the extent that legitimate users can't access the targeted site. Silk Road paid $10,000 to stop the attack, according to the site's ledger. However, the attack continued even after the money was deposited to an anonymous account, according to Dread Pirate Roberts chat logs.

In addition to drugs, Silk Road also sold hacking tools, according to prosecutors. Alford testified of buying, undercover, a "Hacking Pack," that included 115 "hacking tools and programs" from the site. When the pack was purchased, the vendor emailed a list of links that the buyer could follow to download the programs, including some that supposedly offered the ability to remotely take control of a Web site.

Federal prosecutors maintain that Ulbricht was the mastermind behind the Silk Road site. Ulbricht was charged with narcotics conspiracy, engaging in a continuing criminal enterprise, conspiracy to commit computer hacking and money laundering. The narcotics and criminal enterprise charges carry maximum penalties of life in prison. Ulbricht has pled not guilty to all charges.

Ulbricht's defense lawyer, Joshua Dratel, argues that Ulbricht handed off the site to other operators shortly after he started it, and that he rejoined immediately prior to his arrest, lured back in by the new operators to serve as a fall guy.

The case is being overseen by District Judge Katherine Forrest of the Southern District of New York.

Joab Jackson covers enterprise software and general technology breaking news for The IDG News Service. Follow Joab on Twitter at @Joab_Jackson. Joab's e-mail address is Joab_Jackson@idg.com


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags securitylegaldata breachCriminalU.S. Internal Revenue Service

Featured

Slideshows

Meet the leading female front runners of the Kiwi channel

Meet the leading female front runners of the Kiwi channel

Reseller News honoured the leading female front runners of the New Zealand channel at the 2018 Women in ICT Awards (WIICTA) in Auckland. The awards honoured standout individuals across seven categories, spanning Entrepreneur; Innovation; Rising Star; Shining Star; Community; Technical and Achievement.

Meet the leading female front runners of the Kiwi channel
Meet the top performing customer-centric Microsoft channel partners

Meet the top performing customer-centric Microsoft channel partners

Microsoft honoured leading partners across the channel following a year of customer innovation and market growth in New Zealand. The 2018 Microsoft Partner Awards recognised excellence within the context of the end-user, spanning a host of emerging and established providers.

Meet the top performing customer-centric Microsoft channel partners
Reseller News launches new-look Awards at 2018 Judges’ Lunch

Reseller News launches new-look Awards at 2018 Judges’ Lunch

Introducing the Reseller News Innovation Awards, launched to the channel at the 2018 Judges’ Lunch in Auckland. With more than 70 judges now part of the voting panel, the new-look awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors.

Reseller News launches new-look Awards at 2018 Judges’ Lunch
Show Comments