First came the closure of criminal underground Silk Road, now an apparently vast theft of Bitcoins from one of the sites that replaced it, Sheep Marketplace. Are the users of darkweb markets now being targeted by criminals?
A weekend message on the Tor-based Sheep Marketplace claimed that 5,400 Bitcoins (worth about $5.6 million) had been stolen with the message, “we are sorry to say, but we were robbed on Saturday 11/21/2013 by vendor EBOOK101. This vendor found bug in system and stole 5400 BTC – your money, our provisions, all was stolen.”
That would have been bad enough but estimates since then suggest that the true scale of the theft could run as high as almost 100,000 BTC, equivalent to more than $100 million in the real world.
A slew of angry user complaints have since alleged that the whole site had been operating for some time as a honeypot designed to collect Bitcoins in advance of a prepared heist, an accusation that if true would be an unprecedented example of a business calmly collecting money in order to steal it.
This was achieved by offering illegal drugs for unusually low sums of BTC while refusing to allow users to easily withdraw currency, a cover for the thief to run the BTC through a ‘tumbler’ to launder the currency while keeping them hard to track.
Most of the subsequent detective work seems to have been carried out by a single UK-based user, TheNodManOut, who is convinced the culprit is the Czech admin running the Sheep Marketplace site.
“I've been a very busy boy. All day, we've been chasing the scoundrel with our stolen bitcoins through the blockchain. Around lunchtime (UK), I was chasing him across the roof of a moving train, (metaphorically). I was less than 20 minutes, or 2 blockchain confirmations, behind Tomas," he wrote on 2 December Reddit post that refers to the individual accused of the scam.
“I've just chased a thief through a washing machine for you.”
It remains open to debate whether the thief will ever be able to extract even a fraction of their value without being spotted but getting the currency back to its owners also looks like a forlorn hope.
Until the weekend, few would have heard of Sheep Marketplace and those who had kept that to themselves. Because it is a site that uses Tor to hide its activity from ordinary Internet users, the theft of $100 million dollars could have happened last weekend without anyone other than its victims even being able to see it.
With death threats against the site owner surfacing and unhappy regular users unable to complain to police, it all makes the loss of $1 million in BTC from Danish firm BIPS only two weeks ago look like a minor hiccup, although that was a theft from a legitimate business offering wallet services.