Hunters on the Dark Net
- October 31, 2021
- Clayton Rice, K.C.
The United States Department of Justice has announced the results of Operation Dark HunTor described as a coordinated investigation on three continents to disrupt opioid trafficking on the dark net. The operation, conducted across the United States, Europe and Australia resulted from the partnership between the U.S. Joint Criminal Opioid and Darknet Enforcement team and Europol. The investigation culminated in numerous arrests and the seizure of multiple kilograms of drugs, firearms and millions in cash and virtual currencies. Although Operation Dark HunTor was preceded by the successful dismantling of other online drug emporiums in recent years, these international investigations have achieved little to assuage continuing concerns about the efficacy of the war on drugs.
Over the past two years the U.S. Joint Criminal Opioid and Darknet Enforcement team (J-CODE) has collaborated with Europol to leverage partnerships with multiple law enforcement agencies to disrupt opioid vendors on the dark net and dismantle enterprises designed to facilitate drug trafficking. I have not discussed online drug marketplaces since my post to On The Wire titled Silk Road and the prosecution of Ross Ulbricht who is serving two life sentences at the United States Penitentiary, Tuscon, Arizona. On February 4, 2015, Mr. Ulbricht was convicted of multiple counts including conspiracy to distribute narcotics by a Manhattan jury. On May 31, 2017, his appeal from conviction and sentence was dismissed by the United States Court of Appeals, Second Circuit. (here) From a number of subsequent international investigations in recent years I have selected three of the more high profile ones.
On January 29, 2018, U.S. Attorney General Jeff Sessions announced the formation of the FBI operation called Joint Criminal Opioid Darknet Enforcement in Pittsburgh, Pennsylvania. Pittsburgh appears to have been a carefully chosen site. According to the Pennsylvania State Coroner’s Association report on overdose statistics, published in 2016, four counties in southwestern Pennsylvania had 100 or more drug related deaths: 648 in Allegheny County, 184 in Westmoreland Country, 109 in Washington County and 102 in Beaver County. Although the investigation of cybercrime on the dark net would be the focus of J-CODE’s operations, other investigative techniques will continue to be used such as sting operations, the seizure of servers and tracking of postal deliveries.
The European Union Agency for Law Enforcement Cooperation (Europol) is the law enforcement agency of the European Union that administers cooperation between authorities of member states to combat organized crime. (here) It was established at The Hague, Netherlands, in 1993, and initially was called the Europol Drugs Unit. It is mandated by the European Union to assist member states in the investigation of drug trafficking, human trafficking, cybercrime, counterfeiting and terrorism by functioning as a hub for law enforcement cooperation and intelligence. Its officials do not have powers of arrest and cannot conduct investigations without prior approval of national authorities.
3. Targeting Traffickers on the Dark Net
The dark net is a part of the internet hosted within an encrypted network. It is not indexed by search engines. It is accessible only through specialized tools like the Tor browser that provide anonymity. Although often associated in the public imagination with illegal activity, not everything available on dark net websites is illegitimate. However, for purposes of my discussion in this post, I will focus on the dark side of the dark net. In an article titled What is the dark web? How to access it and what you’ll find published by CSO online on July 1, 2021, Darren Guccione referred to a study by Daniel Moore and Thomas Rid of King’s College, London, that classified 2,723 live dark net sites. The researchers found over a five week period in 2015 that 57% of the sites hosted illicit material. (here) Mr. Guccione, the CEO and co-founder of Keeper Security, went on to describe the breadth of some hot ticket items – drugs, guns, credit card numbers, counterfeit money and hackers-for-hire.
On October 26, 2021, the United States Department of Justice announced the results of Operation Dark HunTor conducted across the United States, Europe and Australia. (here) The investigation built on the takedown of DarkMarket earlier this year on January 21, 2021. At the time, DarkMarket was reputed to be the largest illegal marketplace on the dark net. (here) The international operation that took DarkMarket offline involved Germany, Australia, Denmark, Moldova, Ukraine, the United Kingdom and the United States. Europol supported the takedown with specialist operational analysis and coordinated cross-border collaboration. The alleged operator, an Australian citizen, was arrested near the German-Danish border. Led by the cybercrime unit of the Koblenz Public Prosecutor’s Office, investigators closed the marketplace, switched off the servers and seized the site’s infrastructure. The stored data provided a trove of evidence from which key targets were then identified.
Operation Dark HunTor resulted in the arrest of 150 traffickers engaged in the sales of drugs and other illicit goods and services across Australia, Bulgaria, France, Germany, Italy, the Netherlands, Switzerland, the United Kingdom and the United States. Over $31.6 million in cash and virtual currencies was seized. Sixty-five of the arrests were made in the United States. (here) U.S. Deputy Attorney General Lisa Monaco said investigators found that dark net vendors were operating fake laboratories to produce fake pills, designed to look like prescription pain medication, that were laced with fentanyl, methamphetamine and other drugs. The operation was specifically designed to target “drug distributors who use the darknet to traffic these illicit drugs and items like pill presses, which are fueling the ongoing opioid crisis plaguing our communities,” she added. (here)
On September 22, 2020, almost a year before announcing the results of Operation Dark HunTor, the United States Department of Justice released the results of Operation DisrupTor which was another investigation involving J-CODE and Europol. Each of these coordinated investigations built on the success of previous ones. Operation DisrupTor built on Operation SaboTor and the coordinated takedown of Wall Street Market (WSM). The latter, again, was one of the largest marketplaces on the dark net that sold a variety of contraband including narcotics, counterfeit goods and malicious computer hacking software. (here) A criminal complaint filed in the U.S. District Court in Los Angeles, California, asserted that three defendants, in custody in Germany, were the administrators of WSM. The marketplace operated in six languages that allowed 5,400 vendors to sell illegal goods to approximately 1.15 million customers worldwide. Like Silk Road, WSM functioned as an e-commerce website but was hidden from conventional internet browsers on the Tor network. An “exit scam” was allegedly implemented by the administrators when approximately $11 million in virtual currency held in escrow and user accounts was diverted to their own accounts.
Operation DisrupTor resulted in the seizure of over $6.5 million in cash and virtual currencies, 500 kilograms of drugs and 63 firearms. The international investigation led to 121 arrests including two in Canada at the request of the United States. The nine month investigation generated multiple federal prosecutions in California, Ohio, Virginia, Texas and Georgia. Arden McCann of St-Bruno, Quebec, south of Montreal, was charged in a four count indictment with conspiracy and money laundering by a grand jury in Atlanta, Georgia. He was arrested by the Royal Canadian Mounted Police, one of the participating law enforcement agencies. (here) It is alleged that he imported alprazolam, fentanyl, U-47700 and fentanyl analogues such as carfentanyl, furanyl fentanyl, 4-fluoroisobutyryl fentanyl, acryl fentanyl and methoxyacetyl fentanyl into the United States from Canada and China. A superseding indictment further alleges that fentanyl analogues he imported into the United States resulted in an overdose death and a non-fatal overdose in 2016.
On March 26, 2019, J-CODE announced the results of Operation SaboTor. It was the second J-CODE coordinated action having been preceded by Operation Disarray. (here) Operation SaboTor was conducted between January 11, 2019, and March 12, 2019, and was composed of a series of separate but complementary joint operations. The collaborative effort of J-CODE and Europol engaged the U.S. Drug Enforcement Administration, the FBI, the Department of Homeland Security, U.S. Customs and Border Protection, the U.S. Postal Inspection Service, the Department of Justice and the Department of Defense. It resulted in 61 arrests and shut down 50 dark net accounts. The law enforcement agencies executed 65 search warrants, seizing 299.5 kilograms of drugs, 51 firearms and more than $7 million in cash, virtual currency and gold. (here) Operation SaboTor had its genesis in a heroin overdose scene in Knoxville, Tennessee, when first responders found a man dead in his home. A manila envelope with postage and markings led the FBI to coordinate with the postal inspection service which developed into an eight month investigation culminating in the arrest of five suspects in Los Angeles. (here)
The press releases following the official announcement of each investigation were accompanied by predictable chest thumping about the takedown of another cybercrime emporium. “The Darkweb is not as dark as you think,” said Europol Executive Director Catherine De Bolle at the conclusion of Operation SaboTor in 2019. “This international coordinated approach demonstrates law enforcement’s determination to tackle crime on the Darkweb and to reduce the number of people who fall victim to criminals selling life-endangering products or scamming them for their own gain,” she added. When the results of Operation DisrupTor were announced in 2020, U.S. Deputy Attorney General Jeffrey Rosen said the 179 arrests “show[ed] that there will be no safe haven for drug dealing in cyberspace.” And this month, U.S. Deputy Attorney General Monaco said the results of Operation Dark HunTor “sen[t] one clear message to those hiding on the Darknet peddling illegal drugs: there is no dark internet.”
Yet, the lingering critique of the war on drugs will not go away. With every takedown of a drug enterprise whether online or not, with each round of arrests, and with each successive prosecution, the question persists. Would the vast human and financial resources expended to grease the revolving door of international drug investigations be better spent in other ways? On October 23, 2021, Dario Antonio Usuga, known as Otoniel, Columbia’s most sought after drug lord and leader of the Clan del Golfo, was captured at his jungle hideout. Columbia Risk Analysis director Sergio Guzman told The Guardian that a new leader would be waiting to take over. (here) “It’s a big deal because he’s the biggest drug kingpin in Columbia,” Mr. Guzman said, adding that the capture would not change the fundamentals of drug trafficking.