Hacker News new | past | comments | ask | show | jobs | submit login
So, you want to be a darknet drug lord (pastebin.com)
267 points by davikr 6 months ago | hide | past | favorite | 144 comments

A big misconception that the author and others have is that if two countries don't have an extradition treaty it means that you won't be extradited.

It doesn't work like that. All it means it that instead of you being more or less automatically extradited now a negotiation process starts between the two countries. Put another way: extradition is manual instead of automatic.

Plenty of people were extradited from "no extradition treaty" to US.

> One very important takeaway from this article should be that just because a country does not have a formal extradition agreement with the United States, does not mean that the country will not extradite you.


And also how much the US authorities want you. If the US really wants you, they have a very long reach (see Bin Laden in Pakistan).

Very few (maybe 1 or 2 at any given time out of billions) have the ultimate impetus to capture that bin laden had.

Yeah, same as the British monarchy after the murder of Charles 2. Or James 2. But they tracked down the killers all the way to America, or so they say. Same with Stalin getting Trotsky in Mexico.

But there's others who never were captured, Hannibal evaded Rome until they almost captured him, but he successfully killed himself so they never got him alive. There's many others on both sides.

> Hannibal evaded Rome until they almost captured him, but he successfully killed himself so they never got him alive.

I'm not sure if I'd put this one in the "W" column.

Some say he escaped into the Los Angeles underground.

Look for a black windowless van with a red stripe on it.

They didn't have to look far for the murderers of Charles 2 - very probably the treatment his doctors gave him for his ailments were the proximate cause of his death.

I wonder if Hitler really killed himself or if managed to escape to Argentina.

Why Argentina in particular?

> Keep in mind that the NSA will start scooping up all of your packets simply because you visited torproject.org.

This particular one might not be true but the general spirit probably is. This is why I sometimes do things which a drug lord would do even though I am not one (I swear). It's for the benefit of possible-future me where I do have something to hide.

The correlation of the time where you started using Tor extensively and the time a particular Darknet service started operating? Certainly a possible leak of a few precious bits of those ~30 bits that are needed to pinpoint you.

It's a generalization of the rule that you should not restrict encryption to only those messages that are important.

> This is why I sometimes do things which a drug lord would do even though I am not one (I swear). It's for the benefit of possible-future me where I do have something to hide.

We need robots that do this constantly.

Also, by the way, I am building a switchblade 300 clone and the charge will be nitrocellulose!!!

I wish you weren't joking, those things are neat


TIL, they're missiles except drone-based instead of rocket-based

And because of the simplified flight infrastructure they're only $6k

They are a bit more than missiles, as the operator can fly them around, re-target or even call off without hitting anything (I believe they aren't recoverable though).

That's why they are called loitering munitions rather than missiles.

I guess everyone should buy one and put it at their backyard!

“Add up all the of contracts we know about, and AeroVironment has received at least $105.4 million worth of orders for 1,500 Switchblades produced -- which works out to a unit cost of more than $70,200 per Switchblade. Minimum.”


> they're only $6k

They probably have a 90% margin on those...

Opsec is incredibly difficult to get correct - especially in the long term. Many of the people who need to be getting it correct do not and the only reason they are not in front of a judge or serving time is simply because their government hasn't given a shit to so much as glance their way. Because if their government actually gave a crap to investigate they'd be found almost instantly. From doing stupid things like sharing photos of their pets to more mundane things like having very obvious hours of activity and using vocabulary that varies spelling regionally (eg: how you spell color/colour suddenly matters) or even worse using regional slang like a bunch of Australian slang.

If you want to be a darknet drug lord my advice is of a different flavor: Don't let yourself become too big. Once a (or multiple) governments are after you it is very likely only a matter of time before you get caught. Not because the government is particularly good at tracking people down or somehow nearly omniscient but simply because you likely had or have terrible opsec and finding you is more trivial than you've led yourself to believe. If you believe they are already looking for you it's time to abandon everything and disappear. Live your life like it never happened and whatever you do don't pass on the torch. Let your work die and be buried and someone else build on top of the grave.

I find DNMs fascinating and love reading about how founders are eventually caught.

> Opsec is incredibly difficult to get correct - especially in the long term

I'd say if you are doing it long term then you are doing it wrong. The longest surviving DNM by far was Dream which I speculate had some nation state backing it.

> I'd say if you are doing it long term then you are doing it wrong.

I agree entirely but it also depends on your threat model. When making my post I didn't have DNM's in mind (though that's the context...) and was actually thinking about the abysmal opsec of many private tracker admins.

>If you want to have some fun at the expense of business in the short term, intentionally take your service offline periodically in order to mess up attempts to match your downtime with public information

Wow, I would have never thought about that to use public-downtime to find/match your service.

It is also a fantastic way of knowing where the owner of the site lives and their daily routines. For example, if the site owner is doing maintenance 03:00 GMT, they probably are in Europe. If they are active during only evenings in Americas, they probably live in somewhere in America and has a day job or they study.

So, activity hours and maintenance hours can be used to pinpoint the timezone of the owner and their daily habits. Randomizing every bit of information is important.

Basically the plot of “death note” and how detective L pinpointed Japan as the location.

> So, activity hours and maintenance hours can be used to pinpoint the timezone of the owner and their daily habits. Randomizing every bit of information is important.

Or injecting disinformation: pick a misleading timezone, and only connect at times compatible with that timezone (e.g. 03:00 GMT is 11PM EST). Though that might not be compatible with making all your connections from unconnected locations (not many coffee shops/libraries are open that late).

consistent disinformation is also information. doing it random intervals is way to go.

I think Satoshi did this. His hours were kind of unpredictable. Wonder if he was just an insomniac or trying to be time agnostic for security or both?

Do we have enough info to even pinpoint this type of data to him (or her) ? I was under the impression the links were nebulous at best. But I do not know that much about Satoshi

This suggest the opposite of what OP said https://chainbulletin.com/satoshi-nakamoto-lived-in-london-w...

also https://medium.com/@insearchofsatoshi/the-time-zones-of-sato...

Googling "satoshi time zone" give a lot resources

Speaking of time-matching you should also avoid starting a publicly observable spike in Tor-related activity just before the date your new Darknet service goes online.

Check out the ways people have tried to identify Satoshi Nakamoto to learn more about this and other ways you leak information.

Where can I find more about this?

just google "how did satoshi stay anonymous" and you should find tons of info. it was pretty well known and widely discussed.

FWIW we don’t know if Satoshi remained anonymous. We just know that he wasn’t conclusively identified by relatively unsophisticated internet commenters and journalists.

OTOH there were many times when Satoshi connected to IRC with non-Tor residential IPs, it’s possible that deanonymization was just one subpoena away.

Yep, it's survivor bias to assume Satoshi's methods were effective, because he could be incarcerated or kidnapped or traced with his methods and it would not be general knowledge.

The next question is, what does it mean that no state-level actors publicly identified Satoshi either?

That he declared his taxes appropriately?

No, that either they didn’t identify him as a threat, or that he was a fed all along (in which case, fair enough, the feds also invented Tor, they do cool shit occasionally).

Or even if they did identify him as a threat, they could’ve kept the information to themselves for leverage.

There is literally zero information you could extract from this besides the fact that he probably didn’t do anything indictment-worthy.

Ooops, missed your post, gonna leave mine tho I guess.

Reminds me of Evan Ratliff's The Mastermind [0] about Paul Le Roux building an illegal online pharmacy and how eventually he was caught.

[0] https://www.goodreads.com/book/show/41181600-the-mastermind

Wow, there's a blast from the past. Here's another piece [0] by Ratliff about trying to go off the grid while orchestrating a manhunt for himself. It scratches the same spy-crime-opsec itch that the other links in this thread do, and left a lasting impression on 8-year-old me.

[0] https://www.wired.com/2009/11/ff-vanish2/

Along the same lines there’s a German show (on US Netflix) called “How to Sell Drugs Online Fast” that’s loosely based on the true story of a teenager[1] who started an online drug business from his bedroom. It’s pretty funny and a bit Silicon Valley-esque. There’s also a documentary where he’s interviewed. I think it’s called “Shiny Flakes” which was the name of his website.


IIRC, Shiny Flakes went back into the business after the Netflix show and ended up getting busted.

Talk about horrible OPSEC.

Like snoop from the wire using her profits from a (fictional) west baltimoreheroin selling conspiracy to,in fact, establish a west Baltimore heroin selling conspiracy.

Ah yes, this story was amazing.

I didn't know there was a book, but there was a series of articles a while ago by the same author : https://magazine.atavist.com/the-mastermind/

One of my favorite books!

> This section tries to be as operating system independent as possible

But if you are going to interact with Tor and setup hidden services, Whonix[0] is your best bet. The idea behind Whonix being that even if there's some javascript-based 0-day that tries to decloak you, it can't leak your naked IP, because it fails closed and everything is routed through Tor.

[0] https://www.whonix.org/

Is it different than tails? As far as I understand tails routes all traffic through tor too, and cuts the connection if it cannot be done.

Huge difference. Whonix consists of two VMs, one where you actually work and another which acts as a "router" sending all of your traffic out over Tor.

Code running in the work VM can't leak your IP even with root access.

That didn't answer their question.

Nobody is advised to run Tails in a VM, only as the host OS, so the dual VM part isn't that relevant.

I've used both, only pointing out how your response didn't match

The article does briefly mention Tails and how it does a RAM rewrite upon shutdown for you

> If you're planning to use TAILS, it will scrub the RAM for you automatically when you shut down.

The dual VM part is the essential difference - if someone were to gain root to your Tails installation with a zero day they could decloak your IP. If you are running whonix that is not possible without also breaking out of the VM into the hypervisor.

okay, can't argue that, a 'zero day' is always a threat, especially given how much trust is required in the Tails updates which are like every month

odd and unlikely attack vector, but always a target

>odd and unlikely attack vector, but always a target


The FBI has publicly burned firefox 0days to deanonymize Tor users at scale.

We're having this conversation under a post titled "So, you want to be a darknet drug lord".

If you want to be even a small time DNM vendor, you should not use Tails but Whonix.

yes we know its always a target like I already said, I know the FBI and others are actively researching and attacking

But a browser escape is different than obtaining root on an OS that doesnt even enable root by default

like I said, different harder attack vector, likely under research

save the argument for someone more in denial about that?

> an OS that doesnt even enable root by default

This is a meaningless statement. Just because there is no way to log into the root account doesn't mean there isn't a kernel that treats uid 0 specially.

>But a browser escape is different than obtaining root on an OS that doesnt even enable root by default

A linux LPE is worth a small fraction of the money a Firefox escape is. Far easier to come by, far weaker defences.

At least tails seems to use network namespaces now, so deanonymization without root might not be as trivial as it was before.

where is a good place to discuss current and proposed Tails OPSEC

most of the stuff I find on Tor is very outdated, still enough relevant to piecemeal some decent OPSEC, but being able to bounce ideas of people objectively seems to be lacking - or I don't know the communities

there is the tor reddit page, but reddit is periodically hostile to tor connections. dread on tor is often down, so thats annoying, but I found onion services within tor often had the best information on using tor

I'd stick to the tor IRC channels on OFTC for informed conversations.

/d/OPSEC and dread in general is a cesspit with few quality conversations.

>That didn't answer their question.

It did. Whonix can defend you against malicious code running inside your work environment, Tails can't.

>Nobody is advised to run Tails in a VM, only as the host OS, so the dual VM part isn't that relevant.

This is why it's a bad idea to use Tails at all unless you aren't actually that worried about being deanonymized.

>The article does briefly mention Tails and how it does a RAM rewrite upon shutdown for you

This is meaningless security theatre.

> Huge difference. Whonix consists of two VMs, one where you actually work and another which acts as a "router" sending all of your traffic out over Tor.

Honestly, it seems like it'd be safer just to run two different machines. IIRC, I saw some instructions a long time back for turning a small travel router into a OpenWrt-based Tor router.

That can be much better, but you should take care to not get deanonymized based on your hardware serial numbers. Less of a concern when working with VMs.

Correct. Whonix could be cloaked via a 0day in QEMU.

Couldn't you also just run a VM inside of Tails and do all your work inside of that?

Maybe possible? Not supported, don’t do this, lots of room for misconfiguration.

I haven’t touched Tails in years, but they used to have a pretty exotic network stack. I wouldn’t want to try to make that work with VMs.

This is a great article, I love reading stuff like this that goes into detail into interesting and unusual lives, whether criminal or not. Is there any collection of similar articles, related podcasts, or particular stories I should check out?

I really enjoy the Darknet Diaries podcast: https://darknetdiaries.com/

The host is masterful at divulging the right amount of technical detail to keep both casual and tech savvy listeners engaged. He is also very good at finding good topics and getting hackers to talk on the podcast.

Isn’t there a hidden service bbs/forum out there where the primary topic of conversation is opsec and anonymity applied in this manner?

I thought I read (on hn) of such a community…

not a forum but this has good privacy and osint info: https://inteltechniques.com/podcast.html

lots of content, you gotta weed through a lot to get the good stuff

Mostly still IRC chat interestingly enough

I don't know if this is what you are looking for but I enjoyed this AMA to a bartender a few months back: https://news.ycombinator.com/item?id=27979864.

>... Keep in mind that the NSA will start scooping up all of your packets simply because you visited torproject.org.

I wonder how true that is.

Based on a cursory glance, this looks to be true through the XKeyscore program [0] (CTRL-F Tor)

[0] https://en.wikipedia.org/wiki/XKeyscore

only if you don't live in the Five Eyes. though I definitely wouldn't bet my freedom on it.

When you're trying to cover your tracks, it's best to assume the worst at all times, even if it's unlikely.

Besides, it's not like the NSA doesn't have the capability to scoop all packets from people they've seen visited torproject.org.

On the topic of darknet markets, I keep thinking that a darknet gold/hard currency market would be way more interesting than drugs. It would provide a way to convert crypto to real world fungible assets outside of the exchanges. Wonder why it has never been done.

It's much more difficult to cloak, because the transactions are necessarily tied to a physical address. If you're okay with being identified, why not use the legal markets? If you're not okay with being identified, you probably don't want to leak a physical address.

I struggle to think of useful ways of cloaking the physical transaction. You can have it shipped somewhere you don't live, but then you have to get there to pick it up, probably leaving a massive trail of GPS data and gas receipts.

I wouldn't be surprised if shipments of gold or cash raise eyes at customs, either.

I must be missing something, how doesn't a drug market require a physical address?

Required to buy, the seller is at higher risk and wants to be anonymous and does not need to provide an address to fulfill orders... same goes for the host of the hidden service

I think what OP was trying to get at is that a dark web crypto exchange would not offer any benefit over a clear web one (both need to know who you are to send cash).

Meanwhile, there simply is not clear web drug store, so dark web ones don't have to offer anonymity to their buyers

There are such markets in the open, as trading gold and crypto is mostly legal, so where's the demand for a dark market for those?

The point, I think,would be an on/off ramp that ignores KYC and isn't receptive to court orders to reveal customer information.

Aren't localbitcoins.com and similar markets that?

Do you think they'd ignore a court order?

They don't handle the trades themselves. You use them to find a person and trade directly with them.

Localbitcoins has required mandatory KYC for quite a while, like postpaid phone number, no prepaid, no throwaway just to be able to send a message.

You're effectively locked out from talking to others or reading listings until you KYC.

IIRC LocalMonero/AgoraDesk doesn't require KYC.

There have always been vendors on the markets who have purported to send you cash in the mail for your bitcoins. Several vendor arrests have been attributed to theses vendors being government agents (or to keeping customer records that were discovered after their arrests).

You are probably better off just using Craigslist and finding legit Gold/Silver deals to do transactions with in person. Of course you need to make sure to vet them carefully and also check and make sure whatever you are buying or selling is actual gold/silver.

> You also shouldn't go out and buy a Tesla. Living beyond your means is a key red flag that triggers financial and fraud investigations [..]

Okay, so why would I go through all this trouble then? I could think of other hobbies to escape a "cookie-cutter" life.

Crime doesn’t pay. If you look up earnings of US mafia members you’ll find that your average organisation has few people on top making ton of money they are just sitting on because its dirty money they can’t easily launder or spend, with under-bosses making middle-class money and everybody else scrapping by, with their possesions being in illiquid assets that are hard to turn into cash in time of need like stolen goods (electronics, clothes, cars etc. ect,) or property shares.

I think that is probably what most people expect - and what most Mafia bosses would want. If your underlings dont make a ton of cash on their own and are reliant on you for nice stolen goods, illegal apartments where they can (relatively comfortably) live, etc etc then they will have more trouble leaving the mafia life than if you just paid them a decent wage.

You just described a normal corporation.

freakanomics had a great chapter on this in the first (I think) book.

> freakanomics had a great chapter on this in the first (I think) book.

Wasn't that about street gang members and not the mafia?

I vaguely recall it was something about working at McDonald's pays better than being a street-level drug dealer.

I guess my point is that crime is like being an actor. Only the 0.001% who hit it big do better than they would have as an engineer, doctor, lawyer, or MBA.

AFAIR it was there I saw that 50% of mafia members ann. earlings are less than $19500, with extra being assets I’ve mentioned above.

Why do you think NFT's have exploded? Your "bad guys" can buy a pretty picture from you, meanwhile, you ship them a bunch of a drugs.

You can't help that you're a famous and wealthy artist.

Maybe I'm too naive, but what's NFT have to do with it? Couldn't they send any crypto instead? What does it accomplish?

I never heard of this usecase, which makes me believe it's too convoluted to be true.

If someone sends you $1M in Bitcoin out of the blue, that's very suspicious. You didn't earn that and the tax man knows it. If you make a goofy picture of a frog and someone "buys" it from you for $1M in Bitcoin, that's just the wacky world of NFTs, and the government will have a hard time proving that that wasn't a legitimate purchase.

It's not convoluted at all; it's actually pretty elegant when you get down to it. It's almost enough to make the entire NFT phenomenon make sense.

I’m pretty sure the art market was doing this all along.

If you have $200,000 in ETH, you can sell yourself a $200,000 NFT. Externally it looks like some anonymous person gave you $200,000 for an NFT, rather than you just trying to legitimize illegal cash flows.

Or alternatively, you can double your net worth, because you go from having $200,000 ETH to having $400,000 ($200,000 ETH and a $200,000 NFT). This can then be used to fool naive lenders (or buyers) to giving you money at a fraction of the amount the NFT is worth, which is still a net gain for you.

If you're buying NFTs like they're legitimate "art" and not aware that NFTs exist for these purposes, then you shouldn't be playing the NFT game.

I think you are getting this wrong

the NFT scam is a tax evasion thing - much like much of fine art.

Welp, it's basically an unregulated market, so whatever possible is possible. Tax evasion, check. Money laundering check. Ponzi scheme, check.

Art embezzlement is just an additional way NFTs are used to the ways described above.

It's an alibi. Yes you received a lot of money. But because someone loved your MS Paint masterpiece.

Sigh. I understand now...

I wonder if this could be tracked somehow. NFTs used as 'receipts' probably never get sold again.

NFT is just digital art fraud. Fine Art is often used to transport millions of dollars across borders. NFTs are `probably` used in a similar way.

We make a deal via some marketplace. Doesn't matter. We agree on a price and an amount, and some other specifics.

In a different marketplace, you offer up a jpg of a monkey. I offer thousands of dollars to own it.

In the real world, you ship me a big box full of dope, and email me a hyperlink to a jpg. I send you bitcoin, and all of a sudden, we're both legitimate actors in this little NFT art biz.

You have to launder it like the article mentioned, it just glossed over that completely as its about the OPSEC.

Its still better if you already have a lucrative clean-money life, which means it is easier to quickly intermingle uncleaned money into it.

. . . and of course, if you already have a lucrative clean-money life, there's not much point to risking it all to get involved in dirty money activities

It seems the best way to do it would be to be sponsored by the FBI or whatever in your country - use your expertise to setup a honeypot system with their prior knowledge and you'll feed them data when it is setup... they get info feed to collar criminals, no cost to their budget, are they going to care if you make your cut along the way?

[note the "It seems" — I have zero experience with what the FBI may or may not require for such an operation]

There’s nothing stopping the feds from double crossing you though. You could be the leader of a sovereign country and they will literally invade your country just to arrest you. That’s how they did Noriega.

Some countries are sovereign only in theory.


Part of the goal of reducing corruption is having alternative behaviors that are more attractive

But in any case there are lots of useful laundering techniques that can pass scrutiny

Just wait for the next darknet pastebin to have that debate

Really, it's about not drawing attention to yourself. You can probably buy a Tesla if you also have a regular job, just don't buy it in cash. That cash transaction may be reported. Act like a "normal person" that has loans.

I know I should never do this but if I ever get semi rich I legitimately do want to walk into a nice car dealership with a suitcase full of real cash handcuffed to my arm :-D

At least in the UK, they might not accept it. I believe there is a limit to what you can spend in cash at places like car dealere, art houses, jewellers etc. I believe it's about £9000.

Meh... they'll secretly get upset with you. Plus it is much smarter to pay for it with a credit card and then pay the card off. That way you can get those sweet sweet rewards points...

from what i've seen they get unsecretly upset with you and furious that they are not getting their kickbacks for making you take out unnecessary loans

you can only stuff about a mil into a briefcase, rich people won't handcuff themselves to a measly mil

I absolutely love the cold pragmatism in his/her writing. It reads like a DIY spark plugs replacement guide :D

I'm assuming it's a him because his handle is the masculine form of the Hebrew word for snake.

But maybe that's there to throw us off the scent...

Maybe the author is several steps ahead of us, and is actually a male snake.

is "snake" slang for police in hebrew?

Well, "slang" is Dutch for snake... So maybe it's fuzzy word proximity where it's at.

Nice try, intelligence agencies. Drugs are illegal but still bought and sold which means the state has monopoly on their trade, while also has monopoly on escalation of violence. Fundamental condition is having plugs in the law enforcement and intelligence agencies. Without plugs one has immediate full attention of law enforcement and of competition.

Assuming this is credible, I'm glad my opsec intuition is not too far off. This is approximately what I expected.

I guess that's part of the fun, figuring if the US government planted this or not.

I'm more at contemplating what level of "kingpin" could run technical operations that tight and also move a buncha drugs. I think the stress might ruin my stomach in a week.

> You don't want to be like Ernest Lehmitz, a German spy during World War II who sent otherwise boring letters about himself containing hidden writing about ship movements. He got caught because the non-secret portion of his letters gave up various minor personal details the FBI correlated and used to find him after intercepting just 12 letters.

That's an interesting story, this is the best I found about it: https://www.silive.com/news/2018/07/staten_island_wwii_espio...

TIL about doxbin [0], the site allegedly maintained by the author. apparently doxbin hacked The Hidden Wiki and deleted the links there to child porn, in a surprisingly wholesome bit of hacking.

I'd love to play around with like, a CTF where one side sets up a hidden service and the other side has state-level access to try to uncloak it. something that simulates what powers the US has, e.g. red team has a limited number of raids it can do, ability to patch things into network cables or hack routers, while the blue team has several fake cloud providers in fake countries, a Monero testnet etc.

would anyone else be down?

0. https://en.wikipedia.org/wiki/Doxbin

Sure, sounds fun!

So how do we proceed? I've noticed there is no contact information in your profile (mine lacks that too), so I've made a new public Matrix room: #torctf:matrix.org

This is super interesting, most writeups I've seen similar to this focus more on hardening the server itself and not the adjacent OPSEC necessary like TOR best practices or hosting strategy.

There is a lot of information like this on Tor forums and Tor marketplaces that I've only seen there.

Sometimes people that never looked casually dismiss the idea that there is obscure useful OPSEC information there.

Selling guides like these for $.99 is a great way to get your marketplace reputation up fast, to sell bigger ticket items.

> Spreading disinformation about yourself takes time, but after a while the tapestry of deceptions will practically weave itself.

Where the darknet meets linkedin.

Joe Smith has endorsed you for a skill: Drug Lord

TIL shitexpress.com exists as a service.

It's like MasterClass, but for people who are bad at expressing their feelings

I've always wanted to know more about spy tradecraft (e.g. dead drops, number stations, and the like), and this kind of has the same vibe as that.

not bad for advice from 2015

I do how did you know that?

Applications are open for YC Winter 2023

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact