Silk Road paid thousands in shake-downs from malicious hackers

The Silk Road online drug marketplace was routinely bedeviled by extortionists

When operating outside of the law, you can't exactly rely on the police to protect your illegal enterprise from other criminals.

The Silk Road marketplace founders likely learned this lesson in 2012 and 2013, after paying thousands of dollars to cyber extortionists who threatened to expose serious site vulnerabilities or hit it with denial of service attacks, according to evidence presented in a Manhattan federal court on Wednesday.

The extortion information emerged during testimony from U.S. Internal Revenue Service special agent Gary Alford, who had subpoenaed the emails of defendant Ross Ulbricht as part of his investigation. Ulbricht is on trial at the U.S. District Court for the Southern District of New York on narcotics and criminal enterprise charges in relation to Silk Road.

According to prosecutors, Silk Road facilitated the exchange of $1.2 billion in illegal goods, mostly drugs, and generated $80 million in commissions for the operators from 2011 until October 2013, when the site was shuttered by law enforcement. Like an eBay for unlawful goods, Silk Road matched sellers with buyers, who used bitcoins to pay for goods that were delivered through the mail.

On at least two separate occasions, Silk Road operators paid malicious attackers ransoms in exchange for keeping the site up and secure.

During his testimony, Alford showed an email received by Silk Road in November 2012 whose sender claimed to have found a serious vulnerability in the site's software. The email, from an anonymous sender, asked for $5,000 in exchange for not exposing the flaw, or $15,000 to offer full details on how the flaw operated and how it could be exploited.

A spreadsheet found on the computer Ulbricht was using at the time of his arrest suggested that $15,000 was paid out shortly after the email was received. An entry for a debit for that amount was annotated with the phrase "pay off hacker."

Chat log files between the Silk Road admin identified as Dread Pirate Roberts -- whom prosecutors have alleged is Ulbricht -- and another administrator of the site also indicate the extortion fee was paid. The fellow administrator consoled Dread Pirate Roberts by writing: "You're still way richer than he is."

In April 2013, Silk Road was subjected to another shake-down. An anonymous party had hit the site with a distributed denial of service (DDoS) attack, which can congest servers to the extent that legitimate users can't access the targeted site. Silk Road paid $10,000 to stop the attack, according to the site's ledger. However, the attack continued even after the money was deposited to an anonymous account, according to Dread Pirate Roberts' chat logs.

In addition to drugs, Silk Road also sold hacking tools, according to prosecutors. Alford testified to buying, undercover, a "Hacking Pack" that included 115 "hacking tools and programs" from the site. When the pack was purchased, the vendor emailed a list of links that the buyer could follow to download the programs, including some that supposedly offered the ability to remotely take control of a Web site.

Federal prosecutors maintain that Ulbricht was the mastermind behind the Silk Road site. Ulbricht was charged with narcotics conspiracy, engaging in a continuing criminal enterprise, conspiracy to commit computer hacking and money laundering. The narcotics and criminal enterprise charges carry maximum penalties of life in prison. Ulbricht has pled not guilty to all charges.

Ulbricht's defense lawyer, Joshua Dratel, argues that Ulbricht handed off the site to other operators shortly after he started it, and that he rejoined immediately prior to his arrest, lured back in by the new operators to serve as a fall guy.

The case is being overseen by District Judge Katherine Forrest of the Southern District of New York.

Joab Jackson covers enterprise software and general technology breaking news for The IDG News Service. Follow Joab on Twitter at @Joab_Jackson. Joab's e-mail address is Joab_Jackson@idg.com
