Reddit Posts
Mentions
I don't believe the fake IDs are what led them to him though. Allegedly, at the time they hadn't connected the two. They claim they found his old job listings looking for someone to help him build/run the website, posted under his old username altoid, which they were able to connect to the real person, Ross. Many people are skeptical about that though; it seems like it could have been parallel construction - they could have "hacked" him or something, then found that connection later and said that was how they found him.
It's not easy to find someone through Tor but it is possible given the right circumstances. Look up that story of the [guy who was extorting young girls](https://www.vice.com/en/article/v7gd9b/facebook-helped-fbi-hack-child-predator-buster-hernandez) for nudes on Facebook using Tails OS - Facebook paid six figures for a Tails exploit that looked like a video file (perfect for such a circumstance) which actually opened the "insecure browser" in the background and phoned home through the clearnet, revealing the asshole's IP.
The FBI did something similar but much less fancy when they infiltrated AlphaBay and kept it running for a few days: they told all their vendors to download their timelock transaction backup in case the website went down. But it was a Word file (I believe) with a hidden pixel attack in it - a single-pixel embedded image file hosted on an FBI server, the intention being that you open it outside of Tor Browser and reveal your IP, which obviously doesn't work if you're using Tails, Whonix, Qubes, an isolation proxy, etc.
I know they caught one of the Silk Road's admins and then took over his account, at which point they were "inside" the Tor hidden service, which I believe gives them a much more direct route to tracing DPR's connections to his real IP - especially given that the FBI runs a shitload of Tor nodes. (Not saying that Tor is insecure, but it is vulnerable if you are a big target they really want to spend resources catching.)
Funny enough, DPR thought he was a step ahead of this since he was anonymously/pseudonymously purchasing VPSes to spin up Tor nodes for his own connections to ensure that none of the nodes in his connection were malicious - which is both smart and silly at the same time since it creates new problems you have to address.