Skip to content
Feds arrest alleged Silk Road 2.0 deputy after 6-month attack on Tor
Naked Security Naked Security

Silk Road 2.0 deputy arrested after 6-month attack on Tor

Brian Richard Farrell, aka " DoctorClu", was arrested last week. A search warrant shows that the drug market's kingpins were unmasked after a 6-month assault on Tor.

Image of camel courtesy of ShutterstockWith the trial of alleged Silk Road mastermind Ross Ulbricht under way for a second week, Department of Homeland Security (DHS) agents have also now arrested the alleged deputy of the illegal drug bazaar’s reboot, Silk Road 2.0.

Brian Richard Farrell, 26, of Bellevue, Washington, was arrested last week and charged on Tuesday with conspiracy to distribute heroin, methamphetamine, and cocaine, according to a statement from the office of Acting US Attorney Annette L. Hayes, for the Western District of Washington.

Farrell allegedly went by the handle “DoctorClu” on Silk Road 2.0, which sprang up in November 2013 following the government’s seizure of the first Silk Road website.

Alleged kingpin of Silk Road 2.0, Blake Benthall, also known as “Defcon”, was arrested in November 2014 in San Francisco.

According to the criminal complaint filed on Tuesday, Farrell told agents he was a “key assistant” in a small staff that helped Benthall run the enterprise’s day-to-day operations.

Those tasks included tending to the computer infrastructure and programming code underlying the website; the terms of service and commission rates imposed on vendors and customers of the website; and the “massive” profits generated from the illegal business.

The complaint alleges that Farrell was also involved in approving new staff and vendors, as well as organizing a denial of service (DoS) attack on a competitor.

According to an affidavit by Special Agent Michael Larson, DHS agents tracked Silk Road 2.0 activity to Farrell’s home in July 2014.

Agents then watched Farrell’s comings and goings and interviewed a roommate who said that Farrell received UPS, FedEx and postal packages daily.

Farrell’s roommate told agents that he opened one “suspicious” package addressed to Farrell and found it contained 107 Xanax pills.

The investigation led to a search of Farrell’s Bellevue home on 2 January 2015, during which agents seized computers, drug paraphernalia, silver bullion bars worth $3,900, and $35,000 in cash, Larson said.

The charge levied against Farrell on Tuesday carries a mandatory minimum prison term of 10 years and a maximum punishment of life in prison.

A 6-month infiltration of Tor

According to Larson’s search warrant, the Silk Road 2.0 investigation has been based on a six-month infiltration attack launched against Tor, the anonymizing service that kept Silk Road 2.0 users anonymous.

From January 2014 to July 2014, agents managed to get what Larson described as “reliable” IP addresses for Tor and for services hidden behind its layers, including Silk Road 2.0. That included its main marketplace URL, its vendor URL, and its forum URL.

Agents used this data to track down Silk Road 2.0’s servers, which resulted in the site’s takedown in November 2014.

The data was also used to identify another 17 black markets hidden on Tor. Larson didn’t give details on these other Tor-hidden markets.

According to the government, as of September 2014, before the Feds shuttered it, Silk Road 2.0 was doing quite well, ringing up sales of about $8 million per month with a user base of 150,000 active participants.

Image of camel courtesy of Shutterstock.


Well. If we thought that the Feds got lucky obtaining the IP address of SR1 apparently we were wrong. Now it should be quite clear to everyone that TOR is vulnerable to state actors. Only a fool would build a SR3 at this point.


Having an undercover officer as an admin on Silk Road has its privileges… other markets were taken down along with SR2, but many are still operating.

I’m not sure there is a problem with Tor, per-se, but there may be with Tor’s implementation of hidden services. Even the Tor developers state that hidden services require work.


Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!