• Mon. Jun 17th, 2024

How Authorities Hunt Cybercriminals on the Dark Web

Avatar photo

ByHarper Stewart

Aug 31, 2023
Authorities' Pursuit of Dark Web Cybercriminals
Harper Stewart
Latest posts by Harper Stewart (see all)

Cybercrime has become an extremely profitable industry for making millions fast and with low risks. Top cybercriminals may make up to $2 million a year, while mid-level offenders can make up to $900,000, and entry-level hackers can make up to $42,000, according to data from security firm Bromium. Organized criminal networks have been drawn to this profitable industry because they can profit from it while acting freely and anonymously online.

Even experienced hackers may be detected by law enforcement organizations like the FBI, even if the dark web offers technological privacy. One instance is the discovery of the Silk Road founder using a stingray cell tower simulator. He was apprehended and given a life sentence when investigators were able to monitor the MEID of his mobile device and locate him. 

Police seizing a computer that belongs to a cybercriminal.

Contrary to popular opinion, law enforcement agencies throughout the world have developed a number of strategies to track down and capture criminals who use the dark web. As cybercriminals become more technologically advanced, law enforcement agencies continue to adapt and develop new tactics to combat this expanding threat.

So what are the most common methods that the investigators use to catch the most advanced cyber criminals? We will uncover all the details below!

Going Undercover

An example of a seized website.

Even skilled hackers may be detected by law enforcement organizations like the FBI, even if the dark web offers technological privacy. One instance is the discovery of the Silk Road founder using a stingray cell tower simulator. Authorities were able to find him and capture him by tracking the unique identification (MEID) of his phone, which resulted in his life sentence. 

Despite the widespread belief that law enforcement cannot access the dark web, several methods have been created by organizations all over the world to locate and apprehend offenders using it. In order to confront this growing danger, law enforcement organizations continue to adapt and create new strategies as cybercriminals become more technologically sophisticated.

With this insider information, detectives may obtain important data and work well with other agents to stop illegal activity. Another impressive operation saw Task Force Argos of the Queensland Police play the part of a prominent child abuse website administrator for a lengthy period of time. Numerous pedophiles were apprehended as a result of this covert strategy, demonstrating the value of disguising oneself among dark web users.

The Tor-provided anonymity cloak functions both ways on the dark web. It is difficult for wrongdoers to determine the genuine identify of persons who connect with internet since law enforcement has expertly exploited this protection to disguising themselves and work surreptitiously among criminals.

Hacking the Criminal

An example of a hacked system.

Targeting the endpoint, which entails hacking into users’ machines, is one technique used to get around Tor’s anonymity. In a significant operation against Playpen, a dark web child pornography site, the FBI adopted a similar strategy. The agency was able to determine the true IP addresses of people who visited forums with child pornography through the use of spyware, which revealed their likely locations. 

Over 1000 US-based IP addresses were identified as a result of the FBI’s efforts, and 3,229 new cases were created by Europol. More than 135 individuals have been charged in the US, and fresh cases keep coming to light, despite the possibility that not all leads may lead to prosecutions.  There are questions concerning the extent and accuracy of this mass hacking method since it may have unintended consequences for innocent users of email providers that prioritize privacy.

Similar strategies have been used by foreign law enforcement organizations against suspects from the dark web. A moderator of a child pornographic website received a link to a film that diverted their traffic away from the Tor network once from an undisclosed agency. Another method entailed taking advantage of a flaw in Tor, which gave researchers from Carnegie Mellon University’s Software Engineering Institute (SEI) access to the IP addresses of dark web users and markets. 

Although the FBI did not carry out this hack directly, they eventually issued a subpoena to SEI for the personal data amassed. The processing of convictions connected to SEI’s research is ongoing as law enforcement continues to use the information acquired to apprehend offenders. Once law enforcement authorities acquire the IP addresses, they can subpoena the relevant ISPs or data centers to produce customer information, get warrants, and, if required, execute raids.

Analyzing Transactions

Cryptocurrency transactions with the addresses.

Dark web markets often conduct all transactions using the fictitious currency bitcoin, with the goal of preventing any connection between the buyer or seller’s true identity. However, a specific task force has been established by Homeland Security Investigations (HSI), a division of the Department of Homeland Security, to find out who is using bitcoin and other cryptocurrencies to launder money.

According to a criminal complaint filed in March, David Burchard’s sale of millions of dollars’ worth of bitcoins to an unauthorized currency exchange was one of the reasons HSI Special Agent Mathew Larsen began looking into him. The case is still pending, so it’s unclear exactly which exchange was watched or how the transaction was originally identified. However, HSI is undoubtedly keeping an eye on the sales of significant amounts of bitcoin. 

The conviction of Shaun Bridges, a Secret Service agent who defrauded Silk Road employees while also investigating the website, was likewise based on blockchain evidence. Prosecutors illustrated how thousands of bitcoins were transferred from the Silk Road into Bridges’ Mt. Gox account in a flowchart that was part of the criminal complaint. After that, investigators could track wire transactions to a business the agent had founded. Transferring money and assets obtained through the dark web might provide law enforcement a clear route to pursue, much like in tax evasion or similar investigations.

Open Source Information

One of the biggest dark web markets – Silk Road (shut down).

Criminals may unintentionally leave digital traces, such as forum postings or public documents, even if they mostly work on the dark web. These digital traces can help law enforcement identify them. A situation in which intelligent internet research resulted in a breakthrough is the Silk Road one, which is a prominent example. 

Ross Ulbricht, the man behind Silk Road, had advertised the website on a well-known bitcoin forum and disclosed his personally identifiable email address in another post, according to Gary Alford, a tax investigator who cleverly utilized Google to learn this.

Similar to Variety Jones, an unknown character who was crucial to Silk Road’s operations and was later revealed to be Thomas Clark. 

To expose his real identity, independent researcher La Moustache followed hints from archived cannabis enthusiast forums and company records. Much of the same proof was also cited by Gary Alford in a criminal complaint against Clark that was submitted two months later. Another instance included David Ryan Burchard, an alleged dark web cannabis dealer, who made a telling error by attempting to trademark his brand “caliconnect” under his own name. 

For investigators, having access to this information was essential since it connected Burchard to the cali connect pseudonym. These incidents demonstrate the value of thorough internet investigation and the use of digital forensics to identify criminals using the dark web. Even in the anonymous world, seemingly unimportant data might eventually point law enforcement officials in the direction of their suspects.

Surveillance and Monitoring

An investigator monitoring the surveillance cameras.

In order to prevent cybercrime, surveillance and monitoring are essential, particularly when locating suspected hackers. Network traffic analysis, digital forensics, covert operations, data monitoring tools, behavioral analysis, service provider data gathering, international cooperation, open reporting channels, decoys and honeypots, and legal surveillance techniques are important components. However, these investigations must strike a careful balance between national security and private rights.

The Postal System

A dark web criminal caught next to the parcels.

Despite being very technologically advanced, the dark web drug trade still uses standard couriers or the postal service for delivery. Drug traffickers must properly package their goods to ensure “stealth” and prevent customs inspectors from noticing them. Law enforcement organizations can, however, stop suspicious packages and look into the sender and the destination. Steven “Nod” Sadler, a known Silk Road drug trader, was engaged in a significant case. 

Authorities seized many parcels of heroin shipped by Sadler in September 2012. Jenna White was recognized as the person in charge of leaving the items scattered across the Seattle region after they tracked the packages’ beginnings and receivers. Her license plate number was recorded by the CCTV cameras at the post office, which was critical proof.

The US Postal Service (USPS) seized a shipment in 2013 that included 500 kilos of the synthetic stimulant methylone, despite the fact that drugs were not directly purchased via the dark web. 

A controlled delivery by the investigators resulted in the capture of their subject. The trade and sourcing of illicit commodities are frequently revolutionized by technology, even as criminals always attempt to remain one step ahead of law enforcement. Law enforcement authorities have adjusted and continue to go after criminals engaged in these unlawful activities despite the fact that narcotics, firearms, and pedophilia have moved onto the dark web.

Avatar photo

Harper Stewart

With a deep understanding of the complexities of the Dark Web, Harper curates informative and thought-provoking content for our readers. Her knowledge of the hidden corners of the internet and cybersecurity helps shed light on the often mysterious and illicit activities that take place in this realm.