The Rise and Fall of Shiny Flakes, Germany's Online Drug Market
The unlikely career of a darknet dealer ended when police confiscated 4.1 million euros worth of drugs from his childhood bedroom.
It's a routine pickup. Georg*, 51, drives up to a young man's apartment in the north of Leipzig, Germany, on February 26th, 2015. Even though there is a 31-year age difference between the two, they meet regularly. To hand over kilos of drugs.
But this time, they aren't alone. The police have already been watching for a long time when the pair meet up on the two-lane road in front of the apartment building. On this mild winter day, the cops make their move.
When the 20-year-old recipient of the drug delivery realizes what's going on, he runs back up the stairs into his mother's apartment and starts ripping the cables out of his hard drives. He's arrested before he can reach one of the drives containing incriminating material.
It was the culmination of an unprecedented career in drug dealing, which in less than two years turned the 20-year-old Mortiz* into one of the biggest online dealers in Germany, according to police. For law enforcement, it's the conclusion of a meticulous months-long investigation, an equally historic and rare triumph against the online drug trade.
"He wanted to play God."
The police leave with both dealers, the hard drives, and Mortiz's laptop. They also confiscate 48,000 euros in cash and an unbelievable cache of 320 kilos of all sorts of drugs, sorted, and stored on the shelves in Moritz's childhood bedroom. Because Moritz—who thought he was invincible and who single-handedly built up and ran his drug empire, Shiny Flakes—still lives with his mom.
The package station network
Moritz mainly sent his packages within German-speaking countries, but some made it all the way to Indonesia, sometimes by registered mail, often to automated package stations or PO boxes, and, for bigger orders, as traceable deliveries with tracking numbers.
The depots served merely as dead drops; often, the packages were addressed to someone other than the person who picked them up, with a second bogus party listed as the return address.
The police only needed a few days to cull the seized hard drive, which was not encrypted, before they found what they were looking for: practically all the addresses of Shiny's bulk buyers in Germany, the people who ordered kilos of drugs from him to then further distribute.
On March 10th, the police, using the information obtained on the stick, got warrants and conduct searches all over Germany. A total of 38 locations were searched and five other individuals were arrested.
Just a day later, on March 11th, the rumors that had been flying around for days online about the end of Shiny Flakes were finally confirmed.
"Dealers, run for your lives."
The police publicized the success of their raid that afternoon, uploading on both Shiny Flakes' clearnet website and on his Onion domain, hosted on the darknet, an advertisement for careers in the Saxon police: "One job—1000 possibilities." For most visitors it just look a little bit more inviting than similar notes after police darknet operations that we have seen in the past.
A mysterious post on Shiny Flakes' dealer profile on another darknet black market now appears to be a kind of prophecy: "Dealers, run for your lives."
Whether it was actually posted by Shiny, who was a registered dealer on three deep web markets, can't be conclusively determined today—maybe Shiny was just trying to alienate other dealers that gave him bad ratings.
The clear net and darknet dealer has been in custody at a detention center on Leimener Straße in Leipzig since February 27th. Instead of spending his time worrying about Bitcoin transactions, supply-side issues, bagging out crystal, and paranoid customers' vitriol, Moritz now can enjoy the leisure of incarceration:
Professional Nerds won't be tried as Juveniles
Faced with an overwhelming amount of evidence against him, Moritz's chances in court aren't looking too good, although he has retained the experienced defense attorney, Stefan Costabel.
What's clear is that Moritz is a highly intelligent nerd with arrogant tendencies. He has a high school diploma but no higher education. A successful plea to the court to try him as a juvenile after he single-handedly constructed an extremely profitable drug business currently seems unlikely.
"He wanted to play God," someone family with details of the court case told Motherboard.
According to the prosecutor, he's facing a sentence of 15 years for internationally distributing controlled substances.
"The police can make hundreds of mistakes. But if I, the dealer, make a mistake, it's deadly."
The DIY drug boss' business had gotten out of hand, at least in recent months. According to the police investigation, on the one hand, he built up a highly professional drug business (he disguised the revenue as profit from a registered freelance web design business); nevertheless, his success and the pressure that came with it made him less careful. He started using the same package stations all the time to send out his goods. After the police became suspicious of a package with insufficient postage on it, all they had to do was keep an eye out for more packages of the same size with the various stamps and return addresses.
"The police can make hundreds of mistakes," another drug dealer, who's known Shiny for a while, explained regarding the pitfalls of online dealing. "But if I, the dealer, make a mistake, then it's deadly."
The official staging in Saxony
The seizure of 320 kilos of drugs with a market value of 4.1 million euros was one of the largest in Germany's history. The authorities are accordingly proud and refer to it as a "sensation." A press conference held to discuss the standing of the case and the background of the investigation was filled with reporters from all the biggest German TV stations and newspapers, as you would expect.
The presser consisted of a few speeches—from Leipzig police officers and city prosecutors—and then the bigger presentation of the seized drugs, which are still concealed under tablecloths. "Then you can launch your barrage of in-depth questions," one officer muttered with hardly disguised disdain.
If you believe the local police, nobody is out of reach of the law's eagle eyes
In the presentation that follows, the police portray themselves like they're on an episode of Crimewatch. They boast of having captured data from the darknet and employing highly-specialized IT cracks during the investigation, leading to its success. The message: Nobody is out of reach of the law's eagle eyes, not the street dealer, not the darknet vendor and not even the customers.
A large part of the investigation's success though was due to more classic police work, especially the use of surveillance. The pinpoint surveillance of Moritz's room, checking the incoming and outgoing mail at the nodal point of the DHL logistic center in Radeberg, right next to the Leipzig-Halle airport, and especially staking out certain package stations, that Mortitz allegedly continuously used, all heavily contributed to the success.
The police apparently also conducted test buys on the website. Even before they descended on the home Moritz shared with his mother, the police had already intercepted 40 kilos of drugs in the mail. This constituted a surprising explanation for the delayed deliveries that Shiny's customers kept complaining about, which the pseudonymous dealer had attributed to fear mongering among his buyers.
The police reveal what's under the white sheets at headquarters: boxes of speed paste, mountains of hash, pharmaceutical packages, packets of cocaine, unimaginable amounts of colorful ecstasy pills, meth, and gray-purple shimmering MDMA. Among the pills are several bulging freezer bags of high-dose, red pills of ecstasy known Burger Kings, which Shiny Flakes claimed to distribute exclusively.
"It really wasn't a typical childhood bedroom, but who knows."
"How am I supposed to picture this?" one reporter asks. "Did he hide these insane amounts under his bed or where do you put all this in a childhood bedroom?" "Since he was an orderly person, he stored it all on shelves," an officer answers. "It really wasn't a typical childhood bedroom, but who knows."
And the authorities have another thrilling piece of information for those interested in bureaucracy in the audience: "He didn't keep accounting books." But he did have all the paraphernalia necessary for the portioning and packaging of drugs. Moritz, it's clear by now, tried as hard as he could to keep it a one man operation.
Additionally, the police disclosed how much he made with his business. A profit margin of between 50 percent and 300 percent and revenue from several thousand customers of about a million euros in the last six months alone made him into a very young, very rich person, who was also under an enormous amount of pressure because of the nature of his business. The lion's share of his earnings were actually made in the three months leading up to his arrest.
The Wandering Package
The starting point for the authorities' investigation was a package with insufficient postage that didn't find its way back to the (nonexistent) sender and was opened at some point. These kinds of packages continuously surfaced around Leipzig. So the police asked 23 post offices around Germany for similar instances and assessed the data they received.
By the end of January, 2015, after keeping several package stations under surveillance, they identified an individual who was sending as well as receiving suspicious packages.
At the press conference, the police also claim to have seized 325,000 euros in Bitcoin and additionally claim to have "obtained active data from the darknet." But when questioned on how they were able to seize the digitally-encrypted currency and look at darknet data, their answers came up short. Moreover, the relevant servers are located abroad. However, it is possible that when the police confiscated Moritz's laptop during the raid, he was still logged into his Bitcoin wallet.
Responding to the authorities' proud claim that they're now basically able to do crackdowns within the darknet, Chris*—another darknet dealer who's known the accused for over a year—assuredly explains, "I don't believe that. They just want to make us paranoid."
He also added that, in the end, it looks like Moritz became either too greedy or too sloppy: "I would never use the same username for more than a year, even if it is practical and appealing. Using one for two years, the way Shiny did, is simply too long. He just got too reckless."
The Competition Causes Problems
But the police weren't the only ones on Moritz's heels. His competition also had him in their sights, especially over the last year.
Shiny was notorious for his feisty conduct towards colleagues and clients, who he was happy to insult repeatedly. Chris told us about that too. The longtime online dealer said Shiny had a very specific attitude and a strange sense of humor. In an exclusive interview with Motherboard in September of 2014, Shiny said himself, "If a customer is unsatisfied with a product, I get very direct."
What's definite is that his aggressive rhetoric didn't harm his business. "The customers have a thing for antisocial behavior, they kept coming back to him," says Chris, who knew Shiny from a bigger German online criminal forum. "He's been a big mouth for as long as I've known him." Yet Shiny was still careful when having a one-on-one conversation with Chris.
Even though the two dealers respected each other, they ultimately found themselves in a competitive struggle. Chris claims to be partially responsible for Shiny changing his PGP key in mid-February, forcing him to move his domain. Back then, more than a few people surrounding Shiny Flakes were speculating that the police were responsible for the problems. However, if Chris is right, this action gives surprising insight into the tactics that rival online dealers use to attack each other.
Whether of all things a hacking attack could have hindered the police from reading older, encrypted emails from Shiny's .com-domain, is as of yet unclear.
Then there are the supply-end problems. The Dutch authorities recently raided the wholesale supplier, Dutchmaster, which led this month to search warrants being issued for other German dealers, including colleagues of Chris'. It's very probable that Dutchmaster was one of Shiny's suppliers. However the authorities won't speak to that, except for offering a suggestive, "Maybe."
The police also neglect to explain the origin of the message on Shiny Flakes' dealer profile on Evolution. "Run for your lives" appeared on March 3rd, when the CEO of Shiny Flakes was already sitting in jail. The police say they weren't responsible and they also lack a motive for warning drug dealers about pending search warrants. But it's clear that one of Shiny's darknet profiles was repeatedly visible online long after his arrest.
Now, after almost two years, Shiny Flakes is no more. The jaw-dropping drug photo op at the press conference was able to bring an end so some of the online discussions about Shiny Flakes' whereabouts and identity. However, his arrest will barely put a dent into dealing over the darknet. Shiny Flakes' career was just another, short chapter in the online war on drugs, which has only just begun.
Shiny Flakes' original dot com domain happened to be registered anew just one day after the raid at Moritz's mom's place—to a new name and address. It remains to be seen whether the new registrant will attract the attention of the Saxon Police.
Lead image: Just a small portion of the 320 kg of all sorts of drugs, that were seized during the raid. All images (when not stated otherwise) by Theresa Locker.
This story has been translated from Motherboard Germany.