FBI: Mis-configured CAPTCHA revealed the Silk Road server location
The United States Federal Bureau of Investigation (FBI) has explained how it took down the infamous Dread Pirate Robets aka Ross Ulbricht’s Silk Road using a leaky CAPTCHA prompt.
The alleged owner of Silk Road marketplace, which was shut down last October, Ross William Ulbricht, is charged in the US with computer hacking, drug trafficking and money laundering.
FBI, in a legal rebuttal filed in a New York court, admitted that a hole in the online drugs marketplace’s anonymity was due to a leaky CAPTCHA prompt, which left a trail from the TOR-protected servers of Silk Road to the public Internet, revealing the host location.
Explaining that the IP address leak was from the Silk Road user login interface, FBI said that the individual packets of data sent back from the website had a certain IP address as the source in the header, which was reportedly the only non-Tor source IP address reflected in the traffic.
The FBI said that this IP address caught its attention as if properly configured to work on Tor, the true IP address must be concealed. When the federal agents typed he IP address into a web browser (non-Tor), the CAPTCHA prompt (a part of the Silk Road login screen) appeared, concluding that it was IP address of the SR Server.
The rebuttal follows the Ulbricht’s motions accusing the FBI of potentially illegal investigation. Denying its accusations, FBI said that the investigation was fair and within the rules.
According to the document, there isn’t any evidence of any governmental misconduct to support Ulbricht’s sweeping claim, adding that he “conjures up a bogeyman – the National Security Agency (NSA)” which he suspects to be responsible for locating the SR server without any proof and assumes that it violated the Fourth Amendment.
FBI made it clear that the facts “are not at all what Ulbricht imagines them to be” stressing that the NSA was not responsible for locating Silk Road server but the FBI, using “perfectly lawful means.”