The Federal Bureau of Investigation (FBI) seems to have used one leakage in the Captcha to understand where the narco servers are locatedmarket Silk Road, according to documents and witness statements filed in court late last week.
The former FBI agent, Christopher Tarbell claimed that his service was able to locate Silk Road's anonymous servers using an IP leak discovered on the page connectionof the site, which contained the Captcha.
Let's remind that the anonymous online drug market was offline last October, and its manager, Dread Pirate Roberts, also known as Ross William Ulbricht, was arrested at San Francisco Airport.
The Silk Road used the anonymous network Tor network to maintain its true IP address web server secret, but, according to Tarbell's testimony (PDF) the FBI spotted the Silk Road server by using the page's leak website which contained Captcha.
"The leak of the IP address came from Silk Road user login interface, ”said Tarbell. "After examining the individual data packets sent behind the website, we noticed that the headers from some packets reflected a specific IP address that was not associated with any of the known IPs of the Tor nodes and appeared to be the source of the packets. ”
“When we entered the IP address into a regular (non-Tor) web browser, a portion of the login page Silk Road (the Captcha prompt). "Based on our training and experience, we learned that the IP indicated the IP address of the SR Server, and that the 'leak' from the SR Server was because the login page code was not properly configured to work through Tor."
Former Washington Post columnist and security researcher Brian Krebs posted excerpts from Tarbell's statement on the Krebs on Security website over the weekend, saying the mistake could be described as a "noob mistake."