Stealing bitcoins with badges: How Silk Road’s dirty cops got caught
Stealing bitcoins with badges: How Silk Road’s dirty cops got caught published by nherting
Writer Rating: 3.1429
Posted on 2016-08-19
Writer Description: current events
This writer has written 195 articles.
DEA Special Agent Carl Force wanted his money—real cash, not just numbers on a screen—and he wanted it fast.
It was October 2013, and Force had spent the past couple of years working on a Baltimore-based task force investigating the darknet's biggest drug site, Silk Road. During that time, he had also carefully cultivated several lucrative side projects all connected to Bitcoin, the digital currency Force was convinced would make him rich.
One of those schemes had been ripping off the man who ran Silk Road, "Dread Pirate Roberts." That plan was now falling apart. As it turns out, the largest online drug market in history had been run by a 29-year-old named Ross Ulbricht, who wasn’t as safe behind his screen as he imagined he was. Ulbricht had been arrested earlier that month in the San Francisco Public Library by federal agents with their guns drawn.
Now government prosecutors were sifting through a mountain of evidence, and Force could only guess at how big it was. The FBI got around the encryption of Ulbricht’s Samsung Z700 laptop with a street-level tactic: two agents distracted him while a third grabbed the open laptop out of his hands as Ulbricht was working. The kingpin had been caught red-handed, tapping commands to his Silk Road subordinates up until the moment he was cuffed.
Force had been treating Ulbricht like his personal Bitcoin ATM for several months by this point, attempting to extort DPR one day and wrangling Bitcoin bribes for fake information the next. Now, Force didn’t want to be holding those bitcoins anymore. He opened an account with Bitstamp, a Slovenia-based Bitcoin exchange where he thought he could turn coins into cash quickly and quietly.
But when Force opened Bitstamp account #557042 on October 12, 2013, it sealed his fate. He had tricked Ulbricht into paying him more than 1,200 bitcoins (a cache worth more than $700,000 today). Trying to launder those ill-gotten gains through Bitstamp was about as poor a choice as Force could make—though the agent couldn’t have known this at the time.
The investigation of Force ultimately led to a second agent, Shaun Bridges, who worked on the same Baltimore task force and ran an even more lucrative scheme. Incredibly, the two agents were stealing in parallel—friendly co-workers, both tasked to the same case, each apparently unaware of the other’s scheme. One person who helped with the government's case believes there is even more corruption inside the Baltimore task force the two agents worked on. (Neither Bridges nor Force responded to Ars' interview requests for this story.)
This is the story of how they were caught.
Force opened his account at Bitstamp as "Eladio Guzman Fuentes," an undercover identity that he used in his work as a DEA agent. With a Maryland driver’s license, proof of residence, and Social Security card all connected to Mr. Fuentes, Force thought he’d be in the clear.
He wasn’t. The documents ended up in the hands of Bitstamp’s general counsel, George Frost, a journalist-turned-attorney who handles legal matters for the Bitcoin startup out of his quiet backyard office in Berkeley, California. Frost looked at the identity documents sent by "Fuentes," and they didn’t check out.
"I can’t tell you exactly how, but we knew they were sophisticated forgeries," Frost said in an interview with Ars.
Frost confronted Force, who quickly fessed up. He showed Bitstamp his real ID, a Baltimore water bill, and his badge.
"I am a Special Agent with the Drug Enforcement Administration and learned about Bitcoin through my investigation of SILK ROAD," Force wrote to Bitstamp in an e-mail that Frost provided to Ars. "I have attached a copy of my resume and a scanned copy of my badge and credentials."
With that, Frost let him set up an account, but it still didn’t sit right. Even if the guy was law enforcement, Frost wasn’t sure he wanted him around. The just-founded startup didn’t need the headaches of being a launching platform for DEA undercover operations. In the meantime, Force made a couple of large transactions that November, transferring $34,000 and then $96,000 worth of bitcoin into a bank account.
Bitstamp allowed the withdrawals, but Frost continued to be suspicious. DEA credentials or not, Force’s behavior was weird. Frost contacted FinCEN, a bureau of the Treasury Department that collects financial data to uncover possible crimes. The contact at FinCEN was Shaun Bridges, a Secret Service agent whom Frost had worked with previously. (The Secret Service has been part of the Department of Homeland Security since 2003, but was previously under Treasury.)
"[Bridges] was a smart guy and seemed very conscientious," Frost recalled.
Bridges told Frost he would refer the case to the Department of Justice’s Public Integrity Section—the division that deals with public corruption—but nothing seemed to happen after that.
Meanwhile, Force kept moving his assets out of Bitcoin. In December 2013, he paid off his mortgage in full, which had about $130,000 outstanding.
In April 2014, six months after the Ulbricht arrest, Force made another big withdrawal. This time, he retrieved about $80,000. Bitstamp employees went back and looked at Force's IP addresses—they were all connected to Tor, an anonymizing network for Web browsers to surf the Internet seemingly undetected.
"Sometimes there’s a good reason for using Tor, but it’s a big red flag for us," said Frost. (In fact, Bitstamp no longer allows Tor connections.)
Force said he used Tor for privacy, and "he didn’t particularly want the NSA looking over his shoulder," Frost said. It looked fishy, but the withdrawal was allowed.
On April 28, 2014, Force tried a fourth withdrawal. It was his biggest yet, trying to move more than $200,000 in bitcoins. This time, Frost decided to freeze the account until he could get better answers. He had already contacted federal authorities about this agent's behavior, but nothing seemed to be happening.
On May 1, the attorney tried another route. Frost had a previously scheduled a meeting with someone whose eyes wouldn’t roll back when he mentioned Bitcoin. Kathryn Haun, an assistant United States attorney in San Francisco, was DOJ’s first digital currency coordinator. Also at the meeting was Tigran Gambaryan, then a 28-year-old special agent with the Internal Revenue Service in nearby Oakland.
After the meeting, Frost was blunt about his suspicions of Force. "I'm an old reporter and I really smell a rat here," he recalled himself saying.
Haun asked what was up. It had been a long meeting.
"For one thing, he's using his undercover name and undercover credentials," Frost explained.
That was a bit weird. But it was most likely a sign of sloppy undercover work, not criminality. And assigning agents to investigate other agents wasn’t a decision to be made lightly. To Haun, it seemed thin, and she said as much. Still, she told Frost to send on what he had.
Gambaryan was interested, too. The Oakland-based agent was deeply interested in tech in general and Bitcoin in particular. He’d relished the stories of his colleagues who’d worked on the Silk Road case, including fellow IRS special agent Gary Alford, who famously was the first to identify Ulbricht through a little Google-fu.
Gambaryan also knew about tension between Silk Road investigative teams in Baltimore and New York, but Frost’s sudden aside after the meeting raised the prospect that something more sinister than agency rivalry was going on. It was a distant possibility, but still—why, Gambaryan thought, was anyone involved in the Silk Road case trying to cash out large quantities of Bitcoin?
Haun and Gambaryan were on the fence about the value of investigating this at all. But the very next day, Force did something that made an investigation all but inevitable.
"Could you please delete my transaction history to date?" Force asked in an e-mail to Bitstamp’s customer service. "It is cumbersome to go through records back to November 2013 for my accountant."
The request put Frost on high alert. He already suspected this DEA agent had somehow gone rogue, and now it looked like he was trying to destroy evidence. He called Bitstamp's Slovenian service team and told them not to delete anything, then he called Haun. She opened an investigation the same day, still unsure if it would amount to much.
You have the right to stay anonymous in your comments, share at your own discretion.