The FBI arrested 26-year-old San Francisco tech worker Blake Benthall on Wednesday, accusing him of running the infamous deep web marketplace the Silk Road.
But Benthall wasn’t the founder of the site. Instead, his version of the Silk Road was often dubbed “Silk Road 2.0” to reflect the fact that it was a relaunched version of the original site.
The first incarnation of the Silk Road was shut down by the FBI in October 2013, after alleged founder Ross Ulbricht was arrested in a San Francisco library.
Court documents for the seizure of both the original Silk Road and the Silk Road 2.0 show that the two sites’ alleged operators made the same error, one that enabled authorities to link each of them to his site.
Ross Ulbricht, the San Francisco resident accused of creating the original Silk Road, allegedly used a Silk Road user account which was registered to his personal email address.
The firstname.lastname@example.org email account was also posted on the Bitcoin Talk forum as contact information for a poster looking to hire “an IT pro in the Bitcoin community.”
Ulbricht was caught in part due to the links between his personal Gmail account and other online accounts. It was trivially easy for investigators to string together usernames and IP addresses, with the help of information and IP logs obtained from Google. The records show that Ulbricht regularly logged into a VPN service in a San Francisco internet café. On the same days he was allegedly using the VPN to mask his web traffic to the Silk Road’s administrative dashboard, Google’s records showed that he also checked his personal Gmail account.
After learning of the demise of his predecessor, surely the man behind the Silk Road 2.0 would take better care? It seems not.
The FBI briefly took the Silk Road 2.0’s servers offline in order to make a copy (known as an “image”) of the site. Because of the way the hosting account was set up, it fired off a series of emails to a pre-determined address in order to detail the site’s downtime. Those emails, the FBI claims, went to email@example.com, the personal email account of the San Francisco web developer accused of running the site.
Benthall used his personal email account to manage the web hosting account that the FBI says was used to keep the Silk Road 2.0 online. Additionally, he used that email address to create an account on a US-based Bitcoin exchange, and received his first transaction on the very day that the Silk Road 2.0 came online.
As the Daily Dot reports, Google again turned over IP logs and account information, this time for Benthall’s personal email account, to the FBI, revealing Benthall’s name and location information. It was obvious who owned the account: The email address was firstname.lastname@example.org, it was registered to “Blake Benthall,” and IP logs show that it was accessed from Las Vegas and Lake Tahoe hotel rooms reserved under the name “Blake Benthall.”
There’s no denying that Ulbricht and Benthall were clever men; after all, the FBI accuses them both of running a complex deep web marketplace. Both men are alleged to have used modern anonymity services and to have taken care to anonymize their currency movements online. But it was the simple mistake of using their personal email accounts for activities related to the Silk Road that made the FBI’s job easy, and likely led directly to their capture.