Suspected Dark Web drug dealer undone by his own beard

He’s no Pablo Escobar, the Miami Herald points out.

Agreed. He’s far more hirsute: the suspected dark web drug dealer arrested on his way to a worldwide beard contest on 31 August 2017 has a forest of flaming red fur spilling out of his chin and down to his bellybutton.

But if charges stick, it looks like the US Drug Enforcement Administration (DEA) has netted somebody who has one thing in common with the Colombian narcoterrorist: he’s allegedly a modern-day, dark web hidden version of the drug lord.

According to an affidavit (PDF) filed by the US Drug Enforcement Administration (DEA) in September 2017, 38-year-old Gal Vallerius, also allegedly known as OxyMonster, is a five-star-rated drug dealer and admin on a dark web marketplace called Dream Market that’s hidden on The Onion Router (Tor).

Dream Market is your typical dark web marketplace: it’s an eBay-like market for drugs such as meth, heroin, fentanyl and cocaine; drug paraphernalia; hacked passwords; and services such as hacking or counterfeit passports.

Since at least February 2016, DEA agents have gone undercover to buy a slew of drugs – 100 sheets of LSD, 28 grams of crystal methamphetamine and more – and had them shipped to Florida. The vendors’ names on the marketplace include MethForDummies, ReximusMaximus, and OxyMonster, who’s not only a seller but an administrator and senior moderator on Dream Market.

According to the affidavit, OxyMonster’s profile says he works out of France but ships OxyContin and Ritalin to anywhere in Europe and to the US. In his admin role, he’s been very helpful to customers: he’s dealt with complaints, provided tips on staying anonymous on the dark web, and posted the names of Dream Market’s official staff.

That’s great for customers. Not so great when it comes to racking up conspiracy charges, though. From the affidavit:

OxyMonster knowingly participated in the Dream Market conspiracy not only as a vendor, but also in a leadership and organizational role as a senior moderator and administrator.

Agents – DEA agents were joined in the investigation by the FBI, the IRS, Homeland Security Investigations (HSI), and the United States Postal Inspection Service (USPIS) – linked OxyMonster with Vallerius in a few ways over the course of the investigation. For one thing, they compared Vallerius’ writing style on his public Instagram and Twitter accounts to OxyMonster’s forum posts on Dream Market and found many similarities, such as use of the word “cheers,” double exclamation marks, frequent use of quotation marks, and intermittent French posts.

The other thing that connected OxyMonster with Vallerius was the use of his real email address to accept payments. The agents tracked incoming and outgoing transactions from a bitcoin address associated with sales on the site and discovered that most of them went to Vallerius on Localbitcoins.com.

But it was the beard contest that really tripped him up in the end.

On 31 August 2017, Vallerius left France to travel to the US for the first time ever. He came over to attend the finals of the World Beard and Moustache Championships in Austin, Texas.

But upon his arrival at Atlanta International Airport, he was detained for a border search. That’s where agents found what they say is confirmation that Vallerius was OxyMonster: he had the Tor browser installed on his laptop, what seemed to be login credentials for Dream Market, $500,000 worth of bitcoin, and a PGP encryption key labelled ”OxyMonster” that matched the one advertised as belonging to OxyMonster on Dream Market.

According to the Miami Herald, Vallerius chose not to contest his identity and detention at a court hearing in Atlanta. He’s expected to be transferred soon to Miami to face a new conspiracy indictment that carries up to life in prison.

This is the point where we typically mention that maximum sentences are rarely handed out. But it’s been two years since Silk Road founder Ross Ulbricht was given life without parole for his own journeys down the dark web wormhole.

Granted, Ulbricht’s drug dealing and other crimes were one thing. If it was only drugs, maybe he wouldn’t have received such a long sentence. But he also had six separate murder-for-hire incidents leveled against him. None wound up on the final charge-sheet, but the added weight of violence was thought to perhaps have had an impact on the decision to levy a heavy punishment.

The judge most certainly wanted to make an example out of him. At the time of Ulbricht’s sentencing, Judge Katherine Forrest said just that:

For those considering stepping into your shoes… they need to understand very clearly and without equivocation that if you break the law this way there will be very, very severe consequences.

In reality, shutting down Silk Road, locking away Ulbricht and throwing away the key hasn’t put a dent in the dark web trade of illicit goods. In fact, according to a new study, dark web marketplaces are thriving.

Media coverage of Ulbricht has actually amounted to free advertising for the business model he set up. When researcher Isak Ladegaard analyzed sales data from Agora – another large dark web market similar to Silk Road – he found that US sales doubled over the 10-month period following Ulbricht’s sentencing.

Ladegaard says the media coverage surrounding Ulbricht’s case likely made more people aware of the existence of dark web markets. They weren’t discouraged; they were intrigued:

The timing suggests that people weren’t discouraged from buying and selling drugs. The data suggests that trade increased. And one likely explanation is that all the media coverage only made people more aware of the existence of the Silk Road and similar markets.

Perhaps after this arrest the World Beard and Moustache Championships should brace itself for a surge in interest too.