The Federal Bureau of Investigation (FBI) seems to have used a leak in Captcha to find out where the drug market servers are Silk Road, according to documents and witness statements filed in court late last week.
The former FBI agent, Christopher Tarbell claimed that his service managed to locate the anonymous Silk Road servers using an IP leak found on the site's login page, containing Captcha.
Let's remind that the anonymous online drug market was offline last October, and its manager, Dread Pirate Roberts, also known as Ross William Ulbricht, was arrested at San Francisco Airport.
The Silk Road he used the anonymous network Tor network to maintain its true IP address web server secret, but, according to Tarbell's testimony (PDF) the FBI spotted the Silk Road server by using the page's leak website which contained Captcha.
"The leak of the IP address came from Silk Road user login interface, ”said Tarbell. "After examining the individual data packets sent behind the website, we noticed that the headers from some packets reflected a specific IP address that was not associated with any of the known IPs of the Tor nodes and appeared to be the source of the packets. ”
“When we entered the IP address into a regular (non-Tor) web browser, a portion of the login page Silk Road (the Captcha prompt). "Based on our training and experience, we learned that the IP indicated the IP address of the SR Server, and that the 'leak' from the SR Server was because the login page code was not properly configured to work through Tor."
Ο πρώην αρθρογράφος της Washington Post και ερευνητής ασφαλείας Brian Krebs, δημοσίευσε τμήματα της δήλωσης του Tarbell στην ιστοσελίδα του Krebs on Security το Σαββατοκύριακο, και ανέφερε ότι το λάθος αυτό μπορεί να χαρακτηριστεί σαν “noob mistake. "