FYI.

This story is over 5 years old.

Tech

'Operation Hyperion' Targets Suspected Dark Web Users Around the World

The coordinated international law enforcement effort isn't as much a wide crackdown as it is a series of warning shots.
Screengrab via ICE

This piece has been updated with additional comment from the FBI.

Earlier this week, law enforcement agencies from across the world announced an operation targeting vendors and users of dark web marketplaces. Codenamed Operation Hyperion, the move is one of the most dramatic police coordinations around the dark web yet, with thousands of people allegedly being identified.

But how exactly these arrests or interviews were connected to one another, if they were at all, remains unclear, and a large part of the operation seems to be geared toward intimidating current and potential sellers and buyers, and dissuading others from participating in the online drug trade, rather than leading to a substantial number of actual arrests.

Advertisement

New Zealand authorities announced they had "identified and spoken to" more than 160 individuals; the Royal Canadian Mounted Police said in a statement that it had arrested someone based in Quebec suspected of distributing narcotics internationally; and Swedish police even claimed to have identified some 3,000 suspected buyers in the country.

The FBI "made contact" with more than 150 people suspected of buying illegal items from various marketplaces, according to a press release.

"This was a coordinated week of action that was aimed at generating awareness that purchasing contraband on the Dark Web isn't as anonymous or consequence free as some may think," FBI spokesperson Nora Scheland told Motherboard in an email.

Read more: 7 Ways the Cops Will Bust You on the Dark Web

A wealth of other US agencies also participated in the operation, including the US Postal Inspection Service, Customs and Border Protection, Internal Revenue Service, and the Bureau of Alcohol, Tobacco, Firearms and Explosives, according to a press release from Immigration and Customs Enforcement (ICE). Other international partners include agencies in the United Kingdom, Australia, Ireland, France, Spain, and Finland.

But Operation Hyperion isn't so much a wide crackdown as it is a series of warning shots. The Dutch National Prosecution Service, for example, launched its own dark web site, which lists arrested vendors, and those who are still active.

Advertisement

"You have our attention," reads the site, which also has a counter of buyers who have been apparently identified; but it is a simple looping animation, rather than anything being updated in real time.

And even those 3,000 suspected buyers identified in Sweden may not faces charges: Swedish Police said in their announcement that the agency does not yet know how many will be prosecuted.

What, if anything, connects all these suspects, such as specific marketplaces or investigative method is not totally clear. But New Zealand authorities said they targeted packages coming through mail centres, and then traced those packages back to vendors and buyers. A four-minute video from ICE showed Customs and Border Protection authorities scrutinising packages sent in the mail, suggesting the operation had a focus on intercepting shipments. (Many of the packages in the video aren't related to drugs, but weapons and counterfeit products instead).

The mailing system is arguably the weakest point in the dark web drug trade. Whereas users' communications on a market may be protected by encryption, and their location masked by the Tor anonymity network, buyers often have illegal packages delivered directly to their house, in their own name. And once a package has been deemed suspicious, investigators may look into where exactly it came from.

Law enforcement have previously announced international operations in a coordinated fashion. Operation Onymous involved agencies from the US, UK, and elsewhere, and relied on data gathered by researchers from Carnegie Mellon University's Software Engineering Institute, when they attacked the Tor network in 2014.

Get six of our favorite Motherboard stories every day by signing up for our newsletter.