How the FBI Found the Silk Road Founder Ross Ulbricht


Ross Ulbricht was detained at a public library in San Francisco.

Dread Pirate Roberts was the ringleader of Silk Road, one of the largest organizations on the deep web for buying and selling drugs, weapons, hacking services, counterfeits, and other illegal goods and services. He is also Ross William Ulbricht, a 19-year-old who was ambushed by a group of FBI agents in a public library in San Francisco on Tuesday, just after entering his password on his laptop while sitting in the science fiction section.

For someone at the helm of a criminal organization of this size – in two and a half years, he facilitated transactions of USD $1.2 billion and generated commission income of USD $80 million – the pirate Roberts did a poor job of protecting his true identity on the web, handing the FBI the clues it needed to begin untangling the skein.

A matter of freedom

Although you could buy marijuana, heroin, methamphetamine, LSD and other substances on the Silk Road, the central issue was not drugs, according to its founder. It was freedom. In January 2012, Dread Pirate Roberts posted the site’s mission on the Silk Road discussion boards.

“Become a considerable force that can challenge the powers that exist and finally give people the option to choose freedom over tyranny.”

On LinkedIn, Ulbricht declared his interest in “using economic theory as a means to abolish the use of coercion and aggression on humanity.” In his manifesto he stated: “I am creating an economic simulation to give people first-hand experience of what it would be like to live in a world without the systemic use of force.” Is Silk Road a simulation of a world without the use of force, without rules?

Beyond the pacifism that the previous lines evoke, however, Dread Pirate Roberts appears to have been involved in two assassination attempts – and therefore in the use of force and violence – in true Breaking Bad style, hitmen and all.

Silk Road Construction

Silk Road was built in 2011 as a ‘hidden’ service that could only be accessed through Tor. The Tor project (The Onion Router) lets a user hide their traffic on the Internet by passing communication through a series of special routers – several layers, like those of an onion – to make it impossible to track an IP.

To connect, users first had to install a Tor client and then visit a number of sites with strange names (for example, one of the most recent for Silk Road was silkroadfb5piz3r.onion). After the formalities, the user arrived at a simple and easy-to-use market to buy drugs from sellers around the world. The product was mailed directly from the seller to the buyer, without the intervention of Dread Pirate Roberts. His only connection to the drug transaction was money, so the hacker implemented the use of bitcoin to make tracking difficult.

Bitcoin transactions can be traced, so Roberts used a “tumbler” program that routed digital-currency payments through a complex series of false transactions to confuse tracking. Roberts kept between 8% and 15% of each transaction, depending on the value of the purchase.

The search

For the Drug Enforcement Administration (DEA), the Internal Revenue Service, Homeland Security and the FBI, deciphering all this to find the Dread Pirate Roberts was difficult. The authorities could not track the bitcoins, nor could they find the hidden servers. But an investigation can be approached from different angles, and the plan was to look for the first mentions of Silk Road on the internet.

That is how they found a post on a site where a user named “altoid” had posted a single time, apparently promoting Silk Road and pointing to a WordPress blog that gave instructions for accessing the site. A court order to WordPress allowed agents to discover that the blog had been created just four days before Altoid’s publication.

Police continued to track Altoid, discovering that he had also posted on a site called Bitcoin Talk. In October 2011, Altoid appeared writing that he was looking for a “technology expert from the Bitcoin community”, asking those interested to send an email to “rossulbricht at gmail dot com”. Since Silk Road trades bitcoin, this was certainly interesting.

A request for data to Google revealed that the account was registered under the name of Ross Ulbricht, and that it was in turn linked to a Google+ profile, which contained a photo of the subject and a link to his favorite YouTube videos. Several of these videos posited visions similar to those of Dread Pirate Roberts, and were linked to the Silk Road forums.

The government kept an eye on Ulbricht, discovering that he lived in San Francisco and that he stayed for a time at a friend’s house, from where he logged into his Gmail account from time to time.

Agents discovered another clue on the developer help site StackOverflow, where Ulbricht signed up in 2012 to ask for help connecting “to a hidden Tor server using curl in php.” In the question, he included several lines of code that were not working for him. Realizing that posting under his name was not a good idea, Ulbricht changed his name to “frosty”, changing his email address afterwards.

Two weeks later, the government found Silk Road servers spread over several countries, although the government has not explained how. The FBI has not said anything about Tor, but some believe that the system was compromised during this investigation in order to spy on users. It is also possible that the FBI managed to hack Silk Road enough to discover the IP.

The main server was in a country that has a treaty with the United States for legal assistance, so the FBI was able to get more information. There they noticed that the server’s public key ended in “frosty@frosty” and that a version of the code posted on StackOverflow was being used on the server.
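The trailing “frosty@frosty” is the kind of free-text comment that OpenSSH-format public-key lines carry after the key material; `ssh-keygen` fills it with `user@hostname` by default. The sketch below is an added example, not part of the original article: it assumes the key was in OpenSSH format (the article only says “public key”), and the key lines it parses are constructed with all-zero key material.

```python
import base64
import struct

def _ssh_string(data: bytes) -> bytes:
    """SSH wire-format string: uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def make_sample_line(comment: str, options: str = "") -> str:
    """Constructed, non-functional ed25519 key line (all-zero key material)."""
    blob = _ssh_string(b"ssh-ed25519") + _ssh_string(bytes(32))
    b64 = base64.b64encode(blob).decode()
    return " ".join(p for p in (options, "ssh-ed25519", b64, comment) if p)

def parse_pubkey_line(line: str):
    """Return (key_type, comment) for one public-key line, or None if no key is found."""
    fields = line.strip().split()
    if not fields or fields[0].startswith("#"):
        return None
    # Options may precede the key type, so look for a field whose successor is a
    # base64 blob that embeds the same type name; the comment is whatever follows.
    for i in range(len(fields) - 1):
        try:
            blob = base64.b64decode(fields[i + 1], validate=True)
        except ValueError:
            continue
        if len(blob) >= 4:
            (n,) = struct.unpack(">I", blob[:4])
            if blob[4:4 + n] == fields[i].encode():
                return fields[i], " ".join(fields[i + 2:])
    return None

def comment_identity(comment: str):
    """Split a default-style 'user@host' comment into (user, host), else None."""
    user, sep, host = comment.partition("@")
    if sep and user and host and " " not in comment:
        return user, host
    return None

if __name__ == "__main__":
    samples = [  # constructed lines; only the first comment comes from the article
        make_sample_line("frosty@frosty"),
        make_sample_line("admin@web01", options='no-pty,command="uptime -p"'),
        make_sample_line(""),
    ]
    for line in samples:
        key_type, comment = parse_pubkey_line(line)
        print(key_type, repr(comment), comment_identity(comment))
```

The comment is not part of the cryptographic key, so it can be edited or removed without changing the key itself.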

In July 2013, apparently in a routine examination, customs agents intercepted a package coming from Canada carrying nine false identifications, all with different names but using Ulbricht’s photo. The package was addressed to his address in San Francisco.

Three days later, officers went to visit Ulbricht at his home in San Francisco about the forged ID cards. Ulbricht – who was known as “Josh” by his housemates – said others could have ordered the documents to “frame him”, since getting them online at sites like Silk Road was extremely easy.

Is Ulbricht Dread Pirate Roberts?

Ross Ulbricht. Google+

Police arrested Ross Ulbricht, accusing him of being the Dread Pirate Roberts. This has not been proven yet. One of Ulbricht’s best friends, René Pinnell, says “it’s not him.”

In an interview with Forbes a few months ago, Dread Pirate Roberts asserted that he is not the creator of Silk Road, as the FBI thinks. Rather, Dread Pirate Roberts is a position handed from person to person in the development of the site. As he told it, the current Dread Pirate Roberts discovered Silk Road shortly after its creation in 2011 and discovered a problem in the Bitcoin transaction, helping the creator of the site to repair it. Soon after, he became a partner who ended up buying the original owner’s stake in the business.

Thus, it may be that Ross Ulbricht really was framed so that the other pirate Roberts could be saved. Or maybe not, and Ulbricht made mistakes from the start of Silk Road that a good investigation was able to detect.

Regardless of what happens with Ulbricht now, the FBI seems to have achieved its mission: Silk Road is over. As discussed on Reddit, even if no more people are caught for trafficking on this website, people are no longer willing to use the platform to trade because of the dangers it could represent for them.