The Silk Road Files, part II: How a single ecstasy pill brought down the Silk Road empire
This is the second installment of the Silk Road Files, an investigative series exploring the rise and fall of the Silk Road dark web marketplace, its investigation, and the arrest and trial of Ross Ulbricht.
If you missed Part I, check it out here.
Perhaps the greatest cyber-hunt of all time began with a single ecstasy pill.
Homeland Security Investigator Jared Der-Yeghiayan (der-yeh-gan) was working at the Chicago O’Hare Airport, an inspector-in-training, when he stumbled onto the trail of a crypto-mystery that would consume and change his life forever. It was one of those fateful moments in history that hinged on a strange combination of dumb luck, good timing and a knack for sniffing out delinquency.
Unfortunately, there is not a lot of information out there about Jared Der-Yeghiayan. No LinkedIn page, no Facebook profile, no Twitter, no government employee information or contact and no Wikipedia page, despite his being one of the most prominent government investigators in one of the largest crypto-investigations of all time. There aren’t even pictures of this guy online. The best I could find is a courtroom sketch (from Ross Ulbricht’s trial) and a screenshot of a picture taken of a screenshot from a presentation he gave at France’s FIC 2019 infosec forum.
It’s almost as if all traces of Der-Yeghiayan have been scrubbed from the internet…
That FIC forum (for which the video is mysteriously no longer available) is the only public appearance Der-Yeghiayan has made since the Silk Road investigation ended and the only dialogue of his available, outside of his 2013 affidavit (a 293-page court document from Ross Ulbricht’s trial).
Needless to say, try as I might, it was not possible to get an interview with this man — this government ghost.
Meaning the majority of the information that follows comes from his 2013 affidavit and the subsequent 2019 presentation. According to those sources, Der-Yeghiayan’s story goes something like this:
In June of 2011, an inspector at the Chicago O’Hare Airport came to Der-Yeghiayan with something strange. He’d found illegal drugs in someone’s mail, which, in and of itself, was not that abnormal. What was strange, though, was the amount that was discovered: just one single ecstasy pill. A personal dose that had been concealed within its packaging rather cleverly. This was indeed an oddity. Because, usually, when investigators found drugs, it was in bulk — almost without exception, if they found ecstasy, they found thousands of pills; if they found acid, it came in books of sheets; if they found coke, it was being shipped in by the kilo.
But this? Something different was going on here. And it wasn’t an isolated event.
After trawling other boxes going through the mail, Der-Yeghiayan and his coworkers found more similarly sized shipments: grams of weed, single strips of LSD, handfuls of amphetamine pills or eight-balls of cocaine. Whatever was going on here, it was not the usual bulk-drug import. And they could tell from the way the drugs were packaged that this was an organized effort.
So, government agents, including Der-Yeghiayan, went to the addresses where the intercepted drugs were meant to be shipped. Not to make any arrests, but simply to talk with the buyers, to discuss where they were making these purchases.
As Der-Yeghiayan recalled for the crowd at the FIC forum, that good-cop approach worked.
An exasperated roommate of one of the buyers spilled the beans. Irked (and likely terrified) that Homeland Security Investigators were knocking on the door, this person explained that their roommate was ordering “weed, ecstasy, LSD, maybe some heroin” from a site called “Silk Road”…
“Yeah, we know that,” Der-Yeghiayan bluffed, playing it cool. (He’d never heard of this site in his life.) “That’s silkroad-dot-com right?”
“Nah,” replied the roommate. “Dot-onion, Tor.”
Now, to the technically unfamiliar, that sounds like a bunch of gibberish. Which is probably what it sounded like to Der-Yeghiayan at the time.
To those in the loop, though, that gibberish makes perfect sense. Tor is an anonymity network whose hidden sites use .onion addresses instead of the typical .com, .org or .edu domain names. Its browser is the dark web analogue to standard browsers like Chrome or Safari.
Unlike those applications, though, Tor isolates your cookies and deletes your browser history after each session. It encrypts and relays your traffic for each site you visit across three Tor relays around the world, so no one website can ever know where you are accessing it from. It’s like using Harry Potter’s invisibility cloak to surf the web.
Today, Tor is used for everything from watching porn discreetly, to talking anonymously on forums, whistleblowing, cryptocurrency exchanges and the sale and purchase of illegal goods.
But at that time, Tor (short for “The Onion Router”) was largely unknown, unused and un-understood. It had been developed in the mid-’90s by Naval Research computer scientists for the purpose of protecting US intelligence and then was all but forgotten about. Prior to the Silk Road, this internet browsing tool didn’t have a whole lot of civilian applications. It pretty much sat on a cyber shelf collecting dust.
However, as the Silk Road rose to prominence, it became very clear that Tor was going to play a huge role in the evolution of the internet. And the Dread Pirate Roberts was driving its influence.
Though he probably had no clue what this person was talking about back in 2011, Der-Yeghiayan had gotten what he needed — a name: Silk Road. And a place to start looking: Tor.
The search was on.
He started googling Silk Road, digging into a mystery that only seemed to get deeper and darker as he went. At a certain point, the young and ambitious Homeland Security Investigator must have realized that he had stumbled upon a career case — a narc’s motherlode.
Der-Yeghiayan eventually discovered that the first mention of Silk Road online had been on the forum bitcointalk.org, in messages from a user named “silkroad.” This user, whoever they were, had listed a website called silkroadmarket.org on their profile, which, when visited, would deliver a curious surfer to a page containing this message:
“This is not the Silk Road, but you are close...
The Silk Road is an anonymous online market. Current offerings include Marijuana, Hash, Shrooms, LSD, Ecstasy, DMT, Mescaline, and more. The site uses the Tor anonymity network, which anonymizes all traffic to and from the site, so no one can find out who you are or who runs Silk Road. For money, we use Bitcoin, an anonymous digital currency.
Accessing the site is easy:
Download and install the Tor browser bundle (Click here for instructions and non-windows users)
Open your new Tor browser
Once inside, you will find a homepage that looks something like this:
* it takes about a minute for you to make the initial anonymous connection to the site, but afterward you should be able to browse more quickly.
So what are you waiting for? Get Tor and get to Silk Road! We'll see you inside :)
-Silk Road staff”
All Der-Yeghiayan had to do was follow instructions. And in no time at all the novice investigator was perusing the world’s first dark-web marketplace, wandering the virtual aisles of that illicit bazaar in wonderment.
He made over 70 different purchases of controlled substances from Silk Road, testing the quality of the drugs as he received them in the mail. Not only did Der-Yeghiayan find that most of the drugs he was receiving were high purity, but they had come from over 10 different countries around the world; he had gotten them quickly, bought them anonymously and received them in specifically concealed containers that helped avoid detection.
Whatever this Silk Road was (A cartel? A hacker syndicate? An international drug lord network? A single idealistic mastermind?), Der-Yeghiayan knew something very large and very illegal was going on. This was unlike anything they’d taught him in Homeland Security Investigator school. And, in fact, unlike anything any government in history had ever dealt with.
Der-Yeghiayan wanted to find out who silkroadmarket.org had originally been registered to when the site had been created. Perhaps, he thought, if he could track down that owner he would find out who “Silk Road staff” truly was, find them and make an arrest. Easy.
However, the information he found regarding the owner — one Richard Page, of 11640 Gary Street, Garden Grove, California — was fake. No such individual had ever existed at that address. It was a dead end.
Or so he thought.
(Things get a little thorny from here on, so bear with me.)
According to domaintools.com, which Der-Yeghiayan used to check the hosting history of silkroadmarket.org, this domain was maintained at the server XTA.net, which (and this is very important) was registered to the company Mutum Sigillum LLC.
That company was owned and operated by one Mark Karpeles, a Frenchman living in Japan and the owner of the largest bitcoin exchange group on the internet at that time: Mt. Gox.
In the simplest terms, a Bitcoin exchange group is a business that allows users to buy things with cryptocurrencies, specifically bitcoin. Exchanges like Mt. Gox are the banks of the crypto world — they shave a little off the top of every transaction that runs through their site. And, if a lot of transactions are moving through the exchange group, the Bitcoins (or Litecoin, Ethereum, Ripple, whatever) pile up faster than you can say: “Suspect.”
Mark Karpeles, Owner and CEO of Mt. Gox Bitcoin exchange.
Now, I am no Homeland Security Investigator by any stretch of the imagination. BUT, it seems like someone who owns and operates a Bitcoin exchange group like Mt. Gox would stand to benefit a lot from a marketplace like Silk Road, that dealt exclusively in Bitcoin.
Not only was the motive there for Karpeles to support and maintain the Silk Road, but so was the skillset. Karpeles is a self-proclaimed computer hacker, a skilled programmer who owns, operates and administers hundreds of websites across the internet and who specializes in the development of e-commerce websites.
Very quickly, Mark Karpeles became Der-Yeghiayan’s primary suspect for the Dread Pirate Roberts, and he would remain as such straight up through Ross Ulbricht’s trial.
The following is pulled directly from Der-Yeghiayan’s court affidavit from 2013:
“I believe that KARPELES has been involved in establishing and operating the Silk Road website.
“KARPELES controlled the domain name server and the IP addresses used to host the silkroadmarket.org website on the ordinary Internet.
“Moreover, in early 2011, around the same time that Silk Road began operating, KARPELES acquired Mt. Gox. Given his ownership of this Bitcoin exchange business, KARPELES had a strong motive to create a large underground marketplace where Bitcoins would be in high demand. The Silk Road website was uniquely well suited to this purpose.
“Finally, the fact that the Silk Road Underground Website relies on a highly complex system for processing Bitcoins strongly suggests that it was designed by someone with extensive technical expertise related to Bitcoins – which KARPELES, being the owner and operator of a major Bitcoin exchange and Bitcoin discussion forum, clearly has.”
Was this the person signing those messages on bitcointalk.org as “Silk Road staff”?
And if it was, did that mean Der-Yeghiayan had found the infamous Dread Pirate Roberts? The swashbuckling libertarian cyber-skipper of the Silk Road?
By July of 2012, Der-Yeghiayan seemed to think so. Or at least, that was his hunch. He compiled a report, summarizing everything he’d found and all of his suspicions concerning Mark Karpeles, Mt. Gox and the Silk Road. He submitted the report to Homeland Security, to a database where it could be viewed by any Homeland Security office in the country.
That was an incredible mistake, on his part.
By posting his findings so publicly among his peers, Der-Yeghiayan invited every ego in the federal government to stick their dick into his investigation. Which happened very quickly and very effectively derailed the entire operation.
Not only that, but it opened wide the door for snakes and crooked cops to slither in and poison the water. These "rogue" government agents would end up embezzling millions of dollars in Bitcoin from the Silk Road; they would tip Karpeles off to Der-Yeghiayan’s investigation; they would even go so far as to kidnap a man named Curtis Green, one of Silk Road’s prominent admins, torture him, fake his death, and use his account to lure Ross Ulbricht into a trap that many allege never should have been set for him in the first place.
All that, still to come in The Silk Road Files.