daily pastebin goal


a guest Nov 1st, 2013 501 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  2. Last update: 30/10/2013
  3. You will find on this page information related to the Silk Road website and forum:
  5. Yet another timeline of Silk Road website and DPR arrests.
  6. Conspiracy theories of the events that led to DPR arrests.
  7. On "The Employee" staged assassination
  8. Opiates, Poker and Cocaine
  9. Archive of the Silk Road Vendors pages, forum profiles and PGP keys.
  10. Archive of all posts and messages from "key" users and vendors
  11. Documents related to Ross Ulbricht and Silk Road case.
  12. All the archives in a friendly format for download.
  13. Credits and resources which help put that page together.
  14. Timeline
  16. Timeline of events surrounding Silk Road rise and fall extracted from various sources listed below (work in progress):
  17. Maryland Indictment New-York Indictment Silk Road forum Media
  19. xx/01/2011 - Silk Road Hidden Service is created
  20. 23/01/2011 - Silk Road420.wordpress.com is created. (screenshot) NYI
  21. 27/01/2011 - altoid creates an account on shroomery.org, a magic mushroom discusson board. (screenshot) NYI
  22. 27/01/2011 - altoid advertises Silk Road on shroomery.org. (screenshot) NYI
  23. 29/01/2011 - altoid creates an account on Bitcointalk forum. (screenshot) NYI
  24. 29/01/2011 - altoid advertises Silk Road on Bitcointalk forum.(screenshot) NYI
  25. 07/06/2011 - Hector Xavier Monsegur aka Sabu silently arrested by federal agents and agreed to become an informant for the FBI. M
  26. 18/06/2011 - DigitalAlch registers an account on Silk Road forum. F
  27. 18/06/2011 - nomad bloodbath registers an account on Silk Road forum. F
  28. 19/06/2011 - chronicpain registers an account on Silk Road forum. F
  29. 01/07/2011 - Last post on shroomery.org by altoid
  30. 02/08/2011 - Silk Road forum Global Moderators are nomad bloodbath, DigitalAlch, Chronicpain. (screenshot) F
  31. 16/08/2011 - DPR is looking for an experienced unix administrator. (screenshot) F
  32. 12/09/2011 - Kind Bud, joeblow2, nomad bloodbath, DigitalAlch, chronicpain listed as global moderator. F
  33. 09/10/2011 - User "Silk Road" creates the first account on the wiki: Chronicpain. Chronicpain will work on the wiki for the following weeks as administrator. (screenshot 1 and screenshot 2) F
  34. 11/10/2011 - altoid posts a job offer on Bitcointalk forum. (screenshot)
  35. xx/11/2011 - Law Enforcement starts investigating Silk Road and will eventually make over 100 individual undercover purchases from Silk Road vendors.
  36. 10/11/2011 - Silk Road Wiki is officially announced on the forum by DPR. (screenshot) F
  37. 26/12/2011 - Vendor googleyed1 registered on Silk Road forum F
  38. 09/01/2012 - DPR posted a message titled, "State of the Road Address‚" in which he announced‚ among other things‚ a change to Silk Road’s commission rate. NYI
  39. 10/01/2012 - Vendor tony76 registers an account on Silk Road forum F
  40. 02/02/2012 - Nomad bloodbath, Global Administrator of SR, comes back after almost 2 months of absence. He posts a message on SR forum to apologies. F
  41. 05/03/2012 - “Ross Ulbricht” creates the account "frosty" on Stack Overflow allegedly with the email address rossulbricht@gmail.com. (screenshot)
  42. 06/03/2012 - Hector Xavier Monsegur is revelead to be Sabu. M
  43. 30/03/2012 - Limetless registers an account on Silk Road forum. F
  44. 30/03/2012 - nob registers on the forum and writes his first and only post (screenshot). F
  45. xx/04/2012 - Undercover (UC) Agent started communicating with Dread Pirate Roberts (DPR). The UC claimed to be a drug smuggler who specialised in moving large quantity of drugs. MI
  46. xx/04/2012 - Tony76, a vendor of heroin, stimulants and psychedelics from Canada scams a lot of users on Silk Road. M
  47. 14/04/2012 - SquidShepard appointed moderator of the forum. (screenshot). F
  48. 25/04/2012 - Tony76 last Active on SR. F
  49. 10/05/2012 - Limetless appointed SR moderator (screenshot). F
  50. 11/05/2012 - List of moderators: DigitalAlch, Chronicpain, nomad bloodbath, Limetless, squidSheperd. (screenshot). F
  51. 19/06/2012 - First time DPR signs a message on the Silk Road forum using "GnuPG v1.4.11 (GNU/Linux)". (screenshot) F
  52. 16/07/2012 - Last connection to Silk Road forum of global moderator DigitalAlch. He decided to resign as he wants to settle down. (screenshot). F
  53. 22/07/2012 - DPR announces redesign of Silk Road (screenshot). F
  54. 03/08/2012 - Closure of Silk Road's weapons-dealing armory. M
  55. 19/08/2012 - Last activity of altoid on Bitcointalk.org
  56. 25/09/2012 - User samesamebutdifferent creates an account on SR forum. F
  57. 17/10/2012 - User Inigo register an account on SR forum. F
  58. xx/11/2012 - DPR hired an individual who was paid a salary and is referred as "The Employee". "The employee"'s responsibilities included responding to questions and complaints from buyers and sellers, resolving disputes between buyers and sellers, and investigating possible LE activity on Silk Road. MI
  59. 02/11/2012 - "Explosive Growth" announcement from DPR. (screenshot) F
  60. 03/11/2012 - User Flush registers on the SR Forum. F
  61. 11/11/2012 - User 0x404243 posts a message on SR forum containing the alleged hashed password of a user. He is threatening to leak Silk Road DB if DPR doesn't contact him at h0x404243@tormail.org with the corresponding username. (screenshot). F
  62. 12/11/2012 - chronicpain's last post on the forum (screenshot). F
  63. 12/11/2012 - DPR returns from 24 hours completely silent and explains the site is experiencing technical issues and he is the only one able to fix the problem. DPR wants to be sure there isn't any security breaches before bringing the site back up. Several updates of the situation follow (screenshot). F
  64. 15/11/2012 - Silk Road is down again and there are people claiming the responsability for the downtime and making threats (update 2254 UTC 11/15/2012). F
  65. 15/11/2012 - User h0x404243 sends more threats and posts a message on "Silk Road discussion / Re: Why is Tama down?" taking credits for the down time. Both messages are signed "-JE" (screenshot 1 and screenshot 2). F
  66. 17/11/2012 - DPR uses for the 1st time GnuPG v2.0.17 (MingW32) to sign a message (screenshot) F
  67. 17/11/2012 - Some "OLD hats" complain about how the Silk Road downtime incident was handle and do not trust the "NEW DPR" (screenshot) F
  68. 19/11/2012 - Several users complain DPR's PGP signature keep failing upon verification (screenshot) F
  69. 07/12/2012 - Undercover agent complains about Silk Road buyers wanting "very small amount" and "it really isn't worth it for him to do below 10kg". MI
  70. 07/12/2012 - DPR mandates "The employee" to solicit the top sellers on SR susceptible to move large quantities of drugs from UC. MI
  71. 08/12/2012 - DPR replies to the UC "Hey, I think we have a buyer for you. One of my staff is sending the details". MI
  72. 09/12/2012 - The Employee (using the support account SR Support) contacts the undercover agents saying he found a buyer who could purchase substantial quantities of drugs from the UC. The buyers is already established as a big seller on SR and plan to resell the drug on SR. MI
  73. 17/12/2012 - The SR buyer ("The Vendor") negotiates w/ Undercover Agent. MI
  74. 19/12/2012 - Silk Road is hacked. Someone changed product images and added bitcoin addresses to the listings (screenshot) F
  75. 19/12/2012 - Some vendors complain about the lack of information after the incident and suggest to take the site down (screenshot). F
  76. 19/12/2012 - DPR announces the issue has been resolved. (screenshot)
  77. 10/01/2013 - "The Vendor" provides the UC with a delivery address which happened to be "The Employee"'s house. MI
  78. 13/01/2013 - Dread Pirate Roberts tells Undercover Agent "congrats on sale!" MI
  79. 14/01/2013 - Undercover Agent tells DPR he won't ship through US Post. MI
  80. 15/01/2013 - Undercover Agent tells DPR "I'm sending my goons instead, ok?" MI
  81. 17/01/2013 - Feds acting as couriers deliver 1kg of coke to "The Employee". MI
  82. 17/01/2013 - Upon receiving confirmation of the delivery "The Vendor" sends Undercover Agent ~$27,000 worth of BTC. MI
  83. 23/01/2013 - Vendor modziw is looking for buying wholesale/bulk cocaine. Some users mention a vendor going by the name "nob" has a kilo of cocaine listed (screenshot). F
  84. 26/01/2013 - Dread Pirate Roberts tells Undercover Agent "The Employee got busted! Also, he stole funds from Silk Road users. Beat him and get the money back, kthxbai". MI
  85. 26/01/2013 - Flush, Global Moderator last active connection on SR forum. F
  86. 27/01/2013 - Vendor googleyed1 says his account has been hacked and accuses one of Silk Road staff to have stolen all his coins and changed his password. According to googleyed1 the same incident happened to several "Top Vendors" (screenshot). F
  87. 27/01/2013 - Dread Pirate Roberts is afraid the employee will give up info as he was on the inside for a while, he knows too mutch. DPR asks the Undercover agent to kill the employee. MI
  88. 29/01/2013 - DPR agrees to pay $80,000. "Half down now and half after the job is done". MI
  89. 30/01/2013 - googleyed1 account is restored and "everything is smooth again, panic over" (screenshot). F
  90. 31/01/2013 - DPR asks for a status update and if the assassins can handle it. He's been told to send the $40,000. MI
  91. 04/02/2013 - DPR, via anonymous Technocash transfer, sends $40,000. MI
  92. 05/02/2013 - DPR says "pics or it didn't happen!" also "he knows waaay too much". MI
  93. 06/02/2013 - User Silk Road deletes most of the content on the Silk road Wiki. (screenshot) F
  94. 07/02/2013 - Users scout and samesamebutdifferent are the only moderators left (screenshot). F
  95. 08/02/2013 - The UC states the assassins are in place ready to torture him and get the money but now waiting for the employee to be alone because the Employee lived with daughter and wife. MI
  96. 11/02/2013 - Last connection from SR Forum moderator chronicpain. F
  97. 12/02/2013 - Undercover Agent tells DPR the "Employee is still alive but being tortured". MI
  98. 12/02/2013 - Googleyed1 posts an enigmatic message on the forum warning other vendors about a seller screenshot).
  99. 16/02/2013 - Undercover Agent sends staged photographs of The Employee being tortured. MI
  100. 19/02/2013 - Undercover Agent tells DPR that the Employee died during the week end but that he is waiting for an update. MI
  101. 21/02/2013 - Undercover Agent tells DPR that The employee "died of asphyxiation/heart rupture" while being tortured and sends DPR a fake pic. MI
  102. 28/02/2013 - Undercover Agent tells DPR the Employee's body was completely destroyed to eliminate evidence and askd to make sure the second $40,000 was sent. MI
  103. 01/03/2013 - Dread Pirate Roberts sends $40k via anonymous Technocash transfer. MI
  104. 13/03/2013 - Silk Road vendor FriendlyChemist began sending threats to DPR through Silk Road's private message system. FriendlyChemist stated he had a list of real names and addresses of Silk Road vendors and customers. FriendlyChemist threatened to publish the information on the Internet unless DPR gave him $500.000, which FriendlyChemist indicated he needed to pay off his narcotics suppliers. NY
  105. 14/03/2013 - FriendlyChemist further threats to leak vendors and customers info. NY
  106. 15/03/2013 - FriendlyChemist provides DPR a sample of usernames, addresses and order information he wants to leak. He also sends DPR the username/password of a vendor he claimed to have hacked and obtained the data from. NY
  107. 16/03/2013 - Stackoverflow question "how to curl Tor hidden services w/ PHP?" (screenshot). NY
  108. 16/03/2013 - Stackoverflow account name change to "frosty". NY
  109. 19/03/2013 - Post from @the3j35t3r on twitter mentioning DPR. M
  110. 20/03/2013 - Dread Pirate Roberts asks for FriendlyChemist's suppliers to contact him "so he can work out something with them". NY
  111. 25/03/2013 - redandwhite contacts DPR and introduces himself as one of the people FriendlyChemist owes money to. NY
  112. 26/03/2013 - A Reddit user claims to have discover Silk Road real IP address while the site was on maintenance. M
  113. 26/03/2013 - DPR responds, “I don’t owe FriendlyChemist any money” and propose redandwhite to become a vendor on Silk Road. NY
  114. 26/03/2013 - Redandwhite hints at future lucrative business. NY
  115. 27/03/2013 - The Reddit user claims about the IP address leak are confirmed to be false. M
  116. 27/03/2013 - DPR offers up FriendlyChemist's dox and mentions a possible execution. NY
  117. 29/03/2013 - FriendlyChemist (quiet 9 days after 3 days of threats?) delivers 72hr ultimatem before releasing the info, "5000 users details and about 2 dozens vendors identities". NY
  118. 29/03/2013 - DPR contacts redandwhite offering a bounty for FriendlyChemist. NY
  119. 30/03/2013 - redandwhite asks how he can help. NY
  120. 30/03/2013 - DPR asks for pricing and availability. NY
  121. 30/03/2013 - redandwhite pitches high "$150k - $300k". NY
  122. 31/03/2013 - DPR haggles over pricing "Don't want to be a pain here, but the price seems high. Not long ago, I had a clean hit done for $80K". NY
  123. 31/03/2013 - DPR pays redandwhite 1670 BTC. NY
  124. xx/04/2013 - Stackoverflow email change to "frosty@frosty.org". NY
  125. 01/04/2013 - redandwhite states "Your problem has been taken care of... Rest easy though, because he won't be blackmailing anyone again. Ever". NY
  126. 04/04/2013 - Stackoverflow question updated from: "http://kpvz7ki2v5agwt35.onion" to "http://jhiwjjlqpyawmpjx.onion" (screenshot).
  127. 05/04/2013 - At DPR's request redandwhite sent DPR a picture of the victim after the job was done, with random number written on a piece of paper next to the victim that DPR had supplied. NY
  128. 05/04/2013 - DPR wrote redandwhite "I've received the picture and deleted it. Thank you again for your swift action". NY
  129. 30/04/2013 - Inlightof becomes Administrator of the SR Forum. F
  130. 30/04/2013 - A Reddit user posts all vendors email addresses on Reddit. The post will eventually be removed. A back up is posted on silk Road forum. (screenshot) F
  131. 02/05/2013 - Libertas becomes Global Administrator of the SR Forum
  132. 03/05/2013 - Silk Road IP address is reported to have leaked on Reddit /r/silkroad. F
  133. 01/06/2013 - DPR requests chat with redandwhite. NY
  134. 03/06/2013 - "Someone" logged into a server used to administer the Silk Road website from an Internet Cafe located near Ulbricht's residence. NY
  135. 05/06/2013 - DPR asks redandwhite for update on "dummy IDs". NY
  136. 05/06/2013 - Arrest of Casey Jones/truckin/Hughes a Silk Road buyer and seller. M
  137. 14/06/2013 - User Inigo removes administrative rights on the Wiki from Flush and Chronicpain (screenshot). F
  138. 21/06/2013 - Last known vendors pages backup taken from Silk Road before the server migration (archive available in the downloadsection). F
  139. 08/07/2013 - DPR asks “someone” for fake ID. F
  140. 10/07/2013 - U.S Custom and Border Protection intercepted a package from Canada as part of a routine border search. The package contained nine counterfeit identification documents. All with different name but with the photograph of the same person, Ross Ulbricht. NY
  141. 11/07/2013 - Cirrus becomes global moderator of the forum. F
  142. 23/07/2013 - Silk Road Server forensically imaged by Law Enforcement. NY
  143. 26/07/2013 - Homeland Security Investigations interview Ross Ulbricht about the intercepted package containing fake IDs. NY
  144. 31/07/2013 - Arrest of Steve Lloyd Sadler aka Silk Road vendor nod. Criminal complain available here M
  145. 03/08/2013 - Eric Eoin Marques is arrested and Freedom hosting is shut down. M
  146. 22/08/2013 - DRP seems to have changed PGP software as the version doesn't appear anymore. F
  147. 02/10/2013 - Arrest of Dread Pirate Roberts. M
  148. On "The Employee" staged assassination
  150. Based on the Silk Road Maryland indictment, in April 2012 an Undercover (UC) Agent started communicating with Dread Pirate Roberts (DPR). The UC claimed to be a drug smuggler who specialised in moving large quantity of drugs. During the following weeks DPR and the UC will stay in touch. The 7th of December 2012, the UC complained about Silk Road buyers wanting "very small amount" and "it really isn't worth it for him to do below 10kg". DPR offers to look around to find a buyer for a large quantity of drug. He mandates someone known as "The employee" in the indictment to solicit Silk Road's top sellers to find someone who could move large quantity of drugs from the UC. In the indictment the employee seems to have been hired sometime in November 2012 and is paid to respond questions and complaints from buyers and sellers, resolve disputes between buyers and sellers, and investigate possible law enforcement activity on Silk Road.
  151. In May 2012, the following users have high privileges on Silk Road forum and are able to carry administrative tasks:
  153. DigitalAlch - Administrator.
  154. Chronicpain - Global Moderator and Wiki administrator
  155. Nomad bloodbath - Global Moderator.
  156. Limetless - Global Moderator.
  157. squidShephar - Global Administrator.
  158. DigitalAlch will eventually "resign" the 16th July 2012 and thus let the forum administrator position vacant. It is not clear at this point if someone else inherited the position or not. If seniority and knowledge of Silk Road was to be taken into account chronicpain would be a candidate of choice, as he is one of the oldest account and already administrator of the Wiki. However I haven't found anything suggesting that any of the other global moderators (or anyone else) replaced DigitalAlch as Administrator.
  159. The 3rd November 2012 a user, flush, registers an account on the forum and few days later starts to be active as what looks like a Silk Road support role. I haven't found official statement about flush role but its different posts (screenshot 1 and screenshot 2) on the forum strongly suggest that he has advanced privileges on the forum as well as on the Silk Road site:
  161. He is helping users with technical issues
  162. Has access Silk Road support mailbox
  163. Has access transaction number
  164. He can reset user's PIN
  165. Flush last connection on the forum is dated January 26th 2013, which is also the date "The employee" got busted.
  166. Based on the information from the Maryland indictment, flush looks like a good pick for the "Employee" role in the assassination plot:
  168. Hired in November 2012.
  169. High privileges on Silk Road site and forum.
  170. Support role, responding to questions and complaints, resolving disputes between buyers and sellers,
  171. Last connection on the forum the day "the Employee" got arrested
  172. It is not really clear how flush got into that position after only few days active on the forum. It looks like his account was created on purpose for his support role. Maybe an active user creating a new account for the support role only in order to not mix it with his current account? Who knows...
  173. Assuming Flush is "the employee" mentionned in the Maryland indictment who could be the undercover agent? We don't know much about him except that he plays the big dog by introducing himself as "a drug smuggler who specialised in moving large quantity of drugs", minimum 10kg type of guy. Suppliers selling in bulk or high quantity doesn't seem to be that common on Silk Road, so people have a tendency to remember them. One guy who seems to have attracted (screenshot) a lot (screenshot) of attention (screenshot) and questions (screenshot) for his listing of kilos (screenshot 1 and screenshot 2) goes by the name of "nob". Some users on the forum even thinks the low enforcement scam (screenshot) is too big to be true (screenshot). In light of what will follow the latest assumption might be relevant.
  175. On the 12th of February 2012, a vendor going by the name googleyed1 posts an enigmatic message on the Vendor forum warning other vendors and DPR to not deal with nob:
  177. "So I'm not going to say much but I feel some people should be warned, this seller has cost me 6 months work. It is very dangerous to deal with him and my honest advice is to avoid at all costs. DPR... I am just doing this to protect the other sellers, please understand this. I would not want even my worst enemy to go through what I have with this guy". (screenshot).
  178. Request Unfortunately, I do not have access to the vendor forum and the previous message was taken from a quote posted on one of the numerous threads related to nob. Access to the thread, the quote was taken from on the vendor forum, would probably clear up some of the mystery. If anyone with access to the vendor forum roundtable could get the information it would be really useful. Backups of the vendor roundtable seems to be floating around, if you managed to get your hand on them, please consider sharing.
  179. This nob guy could be a good pick to play the part of the undercover agent (Would you say it passes the duck test?).
  181. Deals large quantity of drugs (or pretend to).
  182. Prefers dead drop instead of recommended use of mail for delivery.
  183. Doesn't have much positive feedbacks and no one ever claimed to have bought anything from him (maybe once in very small quantity).
  184. Only user having dealt with nob to some extend recommended other vendor to stay away from him at all cost.
  185. Publicly says he wants to get in with DPR.
  186. Suspected law enforcement.
  187. Few days after the arrest of DPR, a thread starts on the forum where users speculates on the identity of the "Employee", the "Vendor" and the "Undercover agent". A vendor, googleyed1 (remember the one sending the warning on the Vendor forum about Nob), replied to the thread in order to "clear some things up" (screenshot) and makes the following statements:
  188. Googleyed1 is "The Vendor".
  189. The guy who got busted was chronicpain former Silk Road administrator and "friend" of DPR.
  190. Nob was indeed and without much surprise an undercover agent and Googleyed1 knew about it but for some reason DPR backed nob up and recommended him to Googleyed1.
  191. Chronicpain offered to be a re-shipper for Googleyed1 and got the drug delivered at his place.
  192. Chronicpain offered to be a re-shipper for a cut on the product which was destined to the Silk Road market (screenshot).
  193. The drug was delivered via USPS and it wasn't a drop (screenshot).
  194. DPR wasn't involve nor participate in the transaction, he only backed nob (screenshot).
  195. Googleyed1 being based in the UK, it is possible nob didn't want to ship in Europe. As chronicpain was involved from the beginning, googleyed1 probably asked him to act as his re-shipper, offering him a cut on the delivery. Chronicpain would have then shipped the whole product in the UK for googleyed1 or sell it through the US on behalf of googleyed1. In any case it looked like Googleyed1 was quite confident the deal will go through and started advertising its new product on the forum (screenshot).
  196. It might be surprising to have chronicpain involved in this deal as flush ticked all he boxes to be "The Employee". However looking at the timeline and other particularities of both accounts one could extrapolate the same person managed both handles :)
  198. The 12th of November 2012, few days after flush registered on the forum, chronicpain writes hist last post in a style really close from someone having some support responsibilities (screenshot). Some of his latest posts also have a similar "tone".
  199. The 26th of January 2013, last connection from flush on the forum. The exact same day "The employee" is busted.
  200. The 12th of February 2013, last connection from chronicpain on the forum. The following day the UC sends a message to DPR telling him "Employee is still alive but being tortured".
  201. As suggested previously it would have make sense for chronicpain to be "promoted" as SR Support staff since he was one of the longest forum moderator and administrator of the wiki
  202. Chronicpain used to be a semi-professional (screenshot) poker player (screenshot) and is a keen gambler (screenshot). In a similar way flush seems to have some interest in gambling as well, using the lyrics of Kenny Rogers's song "The gambler" near its avatar. "You got to know when to hold 'em, know when to fold 'em" (screenshot). This sentence being often associated with and quoted by poker players.
  203. A "Flush" is also a poker hand such as Q♣ 10♣ 7♣ 6♣ 4♣, where all five cards are of the same suit, but not in sequence.
  204. I don't want to mention the over use of ellipsis (...) in both writing styles but I have to... since it is noticeable.
  205. Googleyed1 is 100% confident chronicpain was the "Employee" who got busted. It could be explained by the fact that chronicpain was using his "chronicpain" handle to communicate with googleyed1 and his "flush" handle to communicate with UC/nob.
  206. The assassination plot seems partially solved according to this theory. However some questions remain unclear:
  208. Why DPR got involved with nob, where many users seems to have seen the scam from miles away. Googleyed1 suggested DPR got sweet talked and saw the commission (understand money $$$ here) from a big seller.
  209. Why Googleyed1 apparently suspicious of nob from the beginning (as everyone else) agreed to deal with him, even if he was backed by DPR.
  210. Did chronicpain/flush really turned rogue before the bust and stole the alleged Bitcoins from several top vendors?
  211. Why is googleyed1 bragging about being the "Vendor"? Bold move to admit having been part of a drug deal mentioned in a court indictment involving the prime suspect of a high profile drug market place whereas in the same time the police is arresting buyers and sellers worldwide. Low profile would be a smarter tactic, considering the other two persons involved are behind bars. Unless...
  212. Opiates, Poker and Cocaine
  214. Ross Ulbricht, who was arrested the 2/10/2013 and is allegedly Dread Pirate Robert, seems to have made some obvious mistakes online regarding his real identity which helped law enforcement to identify him and arrest him. Plenty has been said about his bad "opsec" and there isn't much to add about it for the moment.
  216. However there are still some really interesting "characters" in this story. "The Employee" is one of them which has not received much attention despite the fact he played an important part in the "first act" of the DPR investigation. In the following lines we will try to find out a bit more about him and if the theory of chronicpain/flush being "the Employee" exist as already discussed in "The Employee assassination plot" above. What follow is not a parallel construction and the observations are based on a timeline following our findings.
  218. The only information we've got about "The employee" can be found in the Maryland indictment. Following our theory of chronicpain/flush and the Employee being the same person, another set of information we can rely on are the posts from chronicpain and flush on the Silk Road forum1. We've compiled below a list of "quotes" and "facts" extracted from various posts of chronicpain 2 (The posts from flush being minimalist).
  220. "I am in charge of a web site that sells products and takes credit cards every day. I do go thru authorize.net"
  221. "I am very opiate tolerant"
  222. "Opana is not oxycontin, It's much much stronger"
  223. "Opana is Oxymorphone not hydrocodone"
  224. "Most of you know that Im all about harm reduction"
  225. "Im not a smoker"
  226. "I was a paramedic for 20 years and went through nursing school. Like I said in another thread, I couldn't finish due to an accident."
  227. "Experience with Drupal? I have made my last 2 sites with it and absolutely love it...Easy to manage, change things, etc.."
  228. "That's exactly what happened to my wife. It took a 3 month stint in jail to get her sober. She has been clean and awesome for over 10 years."
  229. "There are a lot of other forums, like poppies.org, opiophile, bluelight, etc that is in clearnet (they talk about much more and with much more detail than here) I have never heard anyone get into trouble."
  230. "My daughter (who just got married) had her mail returned because she used her married name instead of her maiden."
  231. "In fact when I was getting adderall, when they first went generic on the ER"
  232. "Technically, an 80mg oxycontin is equal to 40mg of opana ER. TAKEN ORALLY!! Now, if you snort them, 40mg of opana is 2 or 3 times the strength vs a snorted 80mg oxy. IV its about 3-4 times the strength. Would you consider getting an oxycontin 80mg for 15 or 20 bucks? thats basically what you are paying if you buy an opana 40mg ER for around 60 bucks."
  233. "I could barely make a profit with my lost luggage delivery service. I would get paid between 20-100 bucks a bag, depending on where it had to be delivered. with only one airline, I had about 10 vehicles and there was no way I could go more than a couple hundred miles away from the airport. I eventually had to give it up because I was losing too much money. I guess you could get a taxi network going. Have one taxi hand it off to another taxi, etc. but the costs are going to be so high, it just wouldnt be worth it. Plus, with usps/fedex/ups how can you compete with their prices and delivery times?"
  234. "For those under 45 years old"
  235. "Luckily I got a position with my dads company"
  236. "Used to be in the movie business. I couldn't stand when the actors had to use the clove cigarettes."
  237. "Used to live in the costa del sol.... Gotta love Malaga, Motril, Jaen, Granada.... I liked Sevilla as well, but Cadiz, and Malaga were my favorites....... (the summer is very hot) but the winters are mild and the spring and fall are just superb......"
  238. "When i used to be a manager at high very popular cell phone chain"
  239. "Are you getting the the OP 80s or the old school 80's"
  240. "I usually get Mallincrodt brand roxies."
  241. "I have gotten this message a few times. I never say ok. but it does come up every once in a while. Its not silk road either, I just tried to send an email with hushmail and got the same message not 2 minutes ago.."
  242. "Never say " I have ten pounds of such an such, How do I iv it?" instead, you would say "I've heard that you can do such and such with this, is this correct? any advice?" That way you aren't implicating yourself in anything. there are a lot of other forums, like poppies.org, opiophile, bluelight, etc that is in clearnet (they talk about much more and with much more detail than here) I have never heard anyone get into trouble. (not saying that nobody has) just don't implicate yourself or others. Never mention any specif items that could identify you or others in any way. It's not that hard."
  243. I will get a touchpad for sure, ill just keep looking, dont want to pay more than 200 bucks for one.. the one I found was 250
  244. "I am a semi-pro poker player. I used to be a full on pro poker player. Since I can't play online in the states anymore its made it much more difficult."
  245. "I have cashed in 2 WSOP events and many other events".
  246. "I have started to gamble a bit in sports.. If you know what your doing and have control, you can make a lot of money..."
  247. It isn't much but we can already draw a low hanging fruit profile of the dude (assuming whatever he says is true).
  248. He is in his 40s (probably late 40s) has a wife and daughter whom is married.
  249. He seems to be very knowledgeable about pharmaceutical drug with a keen interest and need for everything related to opioid (Oxymorphone, oxycontin, opana etc.) and benzos.
  250. His nickname could imply that he might be suffering himself from chronic pain (thus the pharmaceutical drug knowledge and use).
  251. He campaigns on drugs harm reduction.
  252. He likely spend some time on other boards and forums like poppies.org, opiophile and bluelight.
  253. He is a drug user as well as a seller on Silk Road.
  254. He is quite technology aware (GPG, Drupal, Touchpad, etc.)
  255. He is a "semi-pro" poker player and used to be a "professional player". He cashed in in two World Series Of Poker.
  256. He used to be a paramedic for 20 years before an accident.
  257. He used to be a manager for a cell phone chain.
  258. He used to be in the movie business
  259. He used to have his own transportation business.
  260. He used to live in Spain.
  261. He is a keen gambler.
  262. A quick google search on his nickname does not help much as it returns way too many results on chronic pain symptoms, management treatment and relief. We need to narrow the search scope.
  264. Using specific combined keywords.
  265. Limiting the search scope.
  266. The boards and forums mentioned previously look like a good start to limit the scope of the search. Searching for the nickname "chronicpain" has the annoying effect of returning large unrelated results on chronic pain treatment and relief. "Flush" also has that really frustrating habit of returning all sort of things that can be flushed somewhere.
  268. We need to focus on the content of the posts which could help us match the profile of chronicpain rather than an unlikely look-a-like nickname.
  270. The method we followed here is:
  272. Search keywords unrelated to the forum main interest/topic in order to hit posts engaging personal discussion related to the person we know something about ("costa del sol", "poker", "wife", "daughter", "silk road", "paramedic", "transportation service" for example).
  273. Quote exactly full or part of messages posted on Silk Road within the scope of the forum, in this case drug related ("Im all about harm reduction", "I am very opiate tolerant", etc.).
  274. Within the results returned, go through the different posts and extract the poster nickname which could fit a potential candidate.
  275. Run the two previous searches type through the posts of the candidate.
  276. Extend searches of potential candidate attributes (email address, nickname, habits etc.) to search engines.
  277. Start again.
  278. We're not going to go through the long and boring process of the combined searches but it was possible to isolate an interested profile named pokergooch.
  280. One of the early forum pokergooch subscribed is bluelight.ru in 2006. Few years later in 2009 he will be an active member of another drug related board opiophile.org. They are both quite famous drug related forums which have also been mentionned several times by chronicpain (screenshots) on Silk Road.
  282. From his different posts on both forums we can see a quite deep knowledge and interest in pharmaceutical drug and how to used them for pain relief (preferably without using intravenous method), characteristics also shared with chronicpain. As chronicpain, pokergooch has a wife and a daughter of whom he likes talking about. Pokergooch first post on opiophiles.org (screenshot) is actually about his wife and how she is drug tested on weekly basis and got tested positive for methamphetamines. Through several posts we also learn that both pokergooch's daughter as chronicpain's daughter is under Adderall (screenshot).
  284. Digging further other interesting similarities between chronicpain and pokergooch can be highlighted 3. They both:
  286. Recommend the use of a combination of clonidine, lopedermine and benzos (Xanax) against opiates withdrawal. This combination doesn't seem to be the only one and others might recommend something different. (screenshots).
  287. Have very bad headaches side effect caused by the absorption of Neurotin. (screenshots).
  288. Need testosterone due to low sex drive caused by the large amount of opiate consumed. (screenshots).
  289. Are very cautious about the use of fentanyl. (screenshot).
  290. Registered on Silk Road and its forum in fews days of interval. (screenshots).
  291. Seem to like to tell that anecdote, which happened 10 years ago, about that Canadian scammer who disappeared with quite a lot of cash. (screenshots).
  292. Lived in spain. We can find on picasa an account belonging to "pokergooch" geotagged in Spain where the picture of a dog is posted (sasha.jpg). (screenshots).
  293. Do not smoke (screenshots).
  294. Have a soft spot for Touchpads  (screenshots).
  295. We certainly don't have enough to assert pokergooch and chronicpain are the same person, but it looks like we are on a good path.
  297. Pokergoosh as his nickname implies is also a keen poker player which, according to his sayings, makes must of his incomes playing poker at a pro/semi-pro level (screenshot). Interesting enough it is another particularity he shares with chronicpain (screenshots). Extending the search of "pokergooch" on different search engines returns extremely interesting results:
  299. A post on a poker forum from a user named "gooch" provides us an MSN username and an email address. (screenshot).
  300. The same email address has been used as email contact for a website named "anytimeairportshuttle.com" registered in Spanish Fork, Utah. Pokergooch also seems to be from Utah (screenshot 1 and screenshot 2).
  301. The company is registered at the same physical address than the website and categorized under "airport transportation services, regular route", established in 2005 by a man going by the name Curtis C. Green (screenshot). Do you remember chronicpain mentioned on Silk Road he used to own a transportation service company? Yes spot on (screenshot)
  302. Other searches link the nickname pokergooch to a person named Curtis Green (screenshot).
  303. Now switching focus on that Curtis Green guy we found out that he is as well a poker player and has participated and cashed in in two World Series Of Poker (WSOP) events (screenshot). Do you remember when chronicpain was bragging about having "cashed in two WSOP events and many other events" (screenshot)?
  305. For some reason the Curtis Green listed on the Hendon Mob website player profile is marked as coming from Itasca, Illinois. It is probably a mistake since the official WSOP website for the 2010 WSOP event in Las Vegas lists him as coming from Spanish Fork, Utah (screenshot).
  307. If you still have doubts on the correlation between chronicpain, pokergooch, the "Employee" and Curtis Green, what comes next should finished to convince you:
  309. Curtis Green
  310. On January 17th 2013 at 14:16 Curtis Clark Green is arrested in Spanish Fork, Utah, for possession of cocaine by the Utah County Major Crimes task force (UCMC). Does the date sounds familiar? Going back to the Silk Road timeline and the Maryland indictment, on January 17th 2013 "undercover federal agent delivered one kilogram of a mixture or substance containing a detectable amount of cocaine to The Employee".
  312. The 18th of January 2013, Curtis Clark Green is released on bail.
  314. From this moment, there isn't much traceable activity (we didn't look much further yet) from neither chronicpain/flush nor pokergooch. We haven't been able to access potential court documents, indictments on Curtis Clark Green, if any exist, so it is difficult to say what are the real charges against him and if he cooperated with law enforcement.
  315. Request If someone can access that bloody PACER system and run searches please don't hesitate to get in touch.
  316. What follow is speculation and food for thoughts:
  318. Few days after having been released we know The employee has been accused of having stolen bitcoins from some top Silk Road vendors, which could easily be explained by vengeance or anger after having been busted and a need of cash.
  319. Did the Employee cooperated with the Law enforcement to help somehow the identification of DPR? Assuming he knew his identity or enough to localise him it could explain why DPR try to have him killed.
  320. Why did chronicpain accepted to get a kilo of cocaine delivered at his address whereas he showed very few interest if not no interest at all in cocaine. His business it is narcotic opioid, which seems to work good enough since he has some kind of unlimited supply due to his condition and a friendly doctor. It doesn't make much sense.
  321. Is it possible he cooperated with Law Enforcement before the bust? We managed to link Curtis Clark Green to chronicpain and with the large footprint he has on Internet we're surely not the only ones
  322. He may as well be still around cooperating with LE and run several accounts on other drug marketplace and forums...
  323. It is a good story so far, but we've decided to keep what we consider the best part of it for the end. The final chapter of this act. It is at the end for the simple reason that we missed it while investigating the relationship between chronicpain and pokergooch. While reviewing some of the notes and links to complete this part of the story we found an amazing post on opiophile.org that for some reason we've missed before. I'm still not sure how we missed that but it is definitely a must read. The original post can be found here: "Plea and abayance is over! My brush with LE" (screenshot). Yes, you are reading the title correctly.
  324. TL;TR Curtis Green and his wife got busted back in 2006 for some weird insurance fraud involving what appear to be a misunderstanding and a dodgy doctor in Las Vegas easily giving scripts away. The FBI got involved and pressure Green and his wife to involve the Vegas doctor. Green's wife turned CI in Vegas as part of the deal to get the doctor arrested.
  325. This news article covers part of the story, from a different angle.
  327. Notes
  329. A copy of the forum is available in the download section in case it is shutdown. [back]
  330. An extract of all chronicpain posts on the Silk road forum, thus including the quotes, is available in the "key users" archives [back]
  331. The exact links to the different posts discussed is left as an exercise to the reader. [back]
  332. Credit and Resources
  334. [ DPR court cases ] - Different files related to Ross Ulbricht and the Silk Road case.
  335. [ Silk Road Forum ] - Original Silk Road forum.
  336. [ Free Ross Ulbricht ] - Ross Ulbricht legal defence fund. We used some of the python script provided by the forum DPR archives
  337. [ Hacker Tradecraft ] - Counterintelligence, OPSEC and tradecraft for hackers. We used the Silk Road events timeline posted on there as a template.
  338. [ All things vice ] - Blog on Silk Road, DPR and drug marketplace.
  339. [ Silk Road: Theory & Practice ] - Best resources on Silk Road available on Internet (among other really interesting things).
  340. [ The Daily Dot ] - Investigative online newspaper. Covered quite a lot on Silk Road.
  341. Download
  343. SR Vendors profile (includes StExo backup of the vendor pages).
  344. Archives of some key users forum posts and messages.
  345. StExo backup of the Silk Road forum.
RAW Paste Data