Silk Road 2.0 making users whole after hack

For those unfamiliar with the shadier side of bitcoin, Silk Road 2.0 is the second incarnation of the multi-million dollar online narcotics exchange that deals entirely in crypto-currency. More than a simple exchange, however, the site has developed an extremely resilient community that has survived not one, but two massive setbacks.

The demise of Silk Road 1.0

Then called simply ‘Silk Road,’ the exchange was shut down by the feds in October of 2013, Motherboard reported at the time. In its place was a message from the U.S. government, explaining that the site had been seized by the FBI, acting in conjunction with the IRS Criminal Investigation Division, ICE Homeland Security Investigations and the DEA.

The site’s 29-year-old operator, Ross William Ulbricht, was charged with drug trafficking conspiracy, computer-related fraud and conspiracy to launder money, listed under his alias “Dread Pirate Roberts,” according to the news source. FBI agent Christopher Tarbell, who wrote the indictment, explained that his agency made more than 100 transactions on the site over the course of the investigation. The FBI also obtained a mirror of the Silk Road server in an unnamed foreign country and was able to surveil the website’s real-time traffic. Tarbell explained that between February 2011 and July 2013, the FBI estimated that Silk Road facilitated a shocking $1.6 billion in sales, pulling in $80 million in commission.

The criminal complaint also alleged that Ulbricht attempted to hire a hitman to kill a user of the website, known as “FriendlyChemist,” who was blackmailing him for $500,000 with the threat of dumping ID information for thousands of Silk Road users, Motherboard explained. The feds said that he offered to pay an assasin $150,000 in bitcoin.

“In my eyes, FriendlyChemist is a liability and I wouldn’t mind if he was executed…I would like to put a bounty on his head if it’s not too much trouble for you,” Ulbricht allegedly wrote to hitman “redandwhite.” “What would be adequate amount to motivate you to find him? Necessities like this do happen from time to time for a person in my position.”

Tarbell wrote, however, that he could find no record of there being a Canadian resident possessing the name of the alleged victim, the news source reported, and further that Canadian law enforcement had “no record” of a homicide that matched the suggested date and location.

Silk Road 2.0 and hacked bitcoin

Shortly after the demise of the first Silk Road, a second version emerged under new leadership. This incarnation enjoyed rapid growth, which may be partly attributable to the high media profile that the original Silk Road held at the time. On February 13, however, shortly after the Mt. Gox exchange halted withdrawals, site operator “Defcon” posted a message claiming that a user had exploited the infamous “transaction malleability” bug to clean out the website’s bitcoin holdings, reported Forbes.

“I am sweating as I write this… I must utter words all too familiar to this scarred community: We have been hacked,” Defcon wrote. “Our initial investigations indicate that a vendor exploited a recently discovered vulnerability in the Bitcoin protocol known as “transaction malleability” to repeatedly withdraw coins from our system until it was completely empty.”

The users of Silk Road 2.0 largely eyed the announcement with suspicion. Many felt that the site’s admins were using transaction malleability as a scapegoat for their own incompetence, while others alleged that the site’s operators themselves had stolen the coin, the news source explained. In a move that displayed surprising honesty for a digital drug criminal – or perhaps just good business acumen – Defcon denied the allegations, but took full responsibility.

“I didn’t run with the gold,” Defcon wrote. “I have failed you as a leader, and am completely devastated by today’s discoveries…It is a crushing blow. I cannot find the words to express how deeply I want this movement to be safe from the very threats I just watched materialize during my watch.”

The silk road to recovery

While many of those affected by the hack could be forgiven for viewing the latter statement with similar skepticism, the latest buzz on the website is “faith restored,” according to a more recent Motherboard article. Rather than simply wash his (or her) hands of the mess, Defcon continued to run the website, with a few significant changes.

After several weeks of internal investigation, the site’s staff concluded that transaction malleability was not to blame, the news source explained. Instead, hackers exploited a weakness in the site’s “refresh deposits” function, which allowed them to credit their accounts with more and more bitcoin. Since fixing this vulnerability and reopening their illegal business on February 15, staff have been making no profit, instead using the site’s 5 percent commission to repay users for the bitcoin that they lost.

As of April 8, half of the victims had been completely repaid, site staff member DoctorClu told Motherboard. Surprisingly, Defcon claims that over 1,000 BTC – worth about $500,000 – is sitting in wallets of users who have not logged in since the hack.

“Like so many other hacks/seizures/scams, many could not believe that we would ever be able to give back what was stolen, or that we would even promise such a thing,” DoctorClu told the news source. “They have stayed away from Silk Road and possibly the Darknet in general.”

While the drug exchange is still working to re-establish the trust that it lost after the February hack, it seems that this underground bitcoin community is much more resilient than anyone would have guessed. Whether or not you support such an exchange, these events provide strong evidence that faith can be established in a distributed, pseudonymous community.