The Federal Bureau of Investigation (FBI) appears to have used a leak in the Captcha to find out where the Silk Road drug market's servers are located, according to documents and witness statements filed in court late last week.
The former FBI agent, Christopher Tarbell claimed that his service was able to locate Silk Road's anonymous servers using an IP leak discovered in σελίδα connection of the site, which contained the Captcha.
Recall that the anonymous online drug market went offline in October last year, and its administrator, Dread Pirate Roberts, γνωστός και ως Ross William Ulbricht, was arrested at the San Francisco airport.
The Silk Road used the anonymous network Tor network to maintain the true IP address of the web server secret, but according to Tarbell's statement (PDF) the FBI spotted the Silk Road server by using the page's leak website which contained Captcha.
"The leak of the IP address came from Silk Road user login interface, ”said Tarbell. "After examining the individual data packets sent behind the website, we noticed that the headers from some packets reflected a specific IP address that was not associated with any of the known IPs of the Tor nodes and appeared to be the source of the packets. ”
“When we entered the IP address into a regular (non-Tor) web browser, a portion of the login page Silk Road (the Captcha prompt). "Based on our training and experience, we learned that the IP indicated the IP address of the SR Server, and that the 'leak' from the SR Server was because the login page code was not properly configured to work through Tor."
Former Washington Post columnist and security researcher Brian Krebs posted excerpts from Tarbell's statement on the Krebs on Security website over the weekend, saying the mistake could be described as a "noob mistake."