Feds Tracked BTC Addresses and LocalBitcoins to Bust Dark Market – Kingpin

The latest hechtenis of alleged online drug vendor Gal Vallerius isn’t your routine dark market bust. Spil well spil claiming they’ve caught another “kingpin”, federal authorities used basic Bitcoin addresses analysis, a LocalBitcoins account and social media posts to track their man.

French resident Vallerius, who feds say is Wish Market’s “OxyMonster”, wasgoed arrested at Atlanta airport on 31st August, while he wasgoed traveling to a beard-growing contest ter Austin. He is presently te Miami where he faces indictment for numerous charges and (if found guilty) up to life ter prison.

Connecting the Dots Inbetween Dark Markets, Social Media Posts

Wish Market is presently the top-ranked darknet market, according to DeepDotWeb, followed closely by Traderoute. However many suspect Fantasy may have bot seized and infiltrated by law enforcement after takedowns of previous user favorites AlphaBay and Hansa ter July 2018.

Also according to DeepDotWeb, feds originally investigated Desire’s regular vendors. However closer examination of the webpagina’s forum section exposed “OxyMonster” spil a senior moderator and vendor of “Schedule 11 managed substances”.

Related movie: HitBtc Troque Grátis Ethereum ,Litecoins,Dogecoin e Várias Crypto Moedas-Por Bitcoins


They soon connected OxyMonster to Vallerius. Wish’s official staff posted a “tip jar” with a vanity Bitcoin address – which never switched. That address regularly sent coins to a LocalBitcoins P2P trading account called “vallerius”. Feds then cross-checked against social media accounts with the same name.

They allegedly noticed similarities te writing styles inbetween OxyMonster and Vallerius’ online presences, including frequent use of the word “cheers”, dual exclamation and quote marks and some posts ter French. Vallerius’ online profiles have since bot deleted.

OxyMonster’s Traderoute vendor profile also claimed to have bot an admin on Desire and moderator on the now-defunct Evolution Market.

Related movie: How withdrawal Bitcoin at ATM


Suspect Took Several Security Risks

Maintaining a common pseudonym and reputation across market platforms can be essential for vendors and admins (especially when they’re routinely shut down), but it also makes life lighter for investigators to connect the dots.

Vallerius’ hechtenis should also be a lesson ter “operational security” (OpSec) – and the perils of crossing borders with laptops. Border guards searched the machine and allegedly found: his login credentials for Fantasy Market, a PGP private key used by a Desire Market and Traderoute vendor, $500,000 USD worth of bitcoin… and a copy of the Tor browser.

However not illegal, some voorkoop merely having Tor browser installed is enough to thrill suspicion.

By the time he arrived ter Atlanta Vallerius wasgoed already a target, however.

The Perils of Re-Using Bitcoin Addresses

The hazards of using the same Bitcoin address for numerous transactions (and/or overheen a prolonged period) has long bot cited spil a privacy risk. Even for those not engaging ter illegal activity, the more transactions an analyst can verbinding to a particular address helps build a gegevens profile – which can be cross-referenced with purchases, login times and other behavioral patterns.

Related movie: TRON(TRX) migration to its own MAINNET has commenced


Most modern Bitcoin wallets use a fresh sending and receiving address for each BTC transaction. There are more technically advanced ways to connect thesis, however it’s far tougher than just searching on Blockchain.informatie.

Related movie: AdBtc.top Withdrawal Proof || How to Withdrawal Bitcoins || Payment Proof ||


It seems OxyMonster didn’t consider the peak jar address to be a security slot, however. OpSec, spil information security professionals often warn, is a utter time job and it only takes one slip to unlock a fresh trove of information.

Related movie: Token pay update || Tokenpay (TPAY) listed on cryptopia


Will Feds Make Gal Vallerius the Next Ross Ulbricht?

When investigating Ross Ulbricht spil part of the Silk Road investigation, the FBI reportedly leaped on an early lapse where Ulbricht exposed his email address – and a epistel window when the webpagina’s verdadero IP address wasgoed accidentally exposed.

Related movie: HOW TO MAKE MONEY ONLINE �� (12 Ways To Make $1,000+ A Month!)


With that petite but useful puzzle lump, they were able to embark tracking down Silk Road’s server location and identifying who operated it.

A marquee catch te the U.S. federal government’s battle against e-commerce on the dark web, Ulbricht is presently incarcerated at Florence High high-security federal prison te Colorado.

Despite never selling illicit substances himself, Ulbricht wasgoed sentenced to life imprisonment with no possibility of parole ter 2018. Appeals against the conviction and harshness of the sentence have bot fruitless so far.

The authorities may wish to set a similar example with Vallerius, who may also hold useful information on other dark market operators.

Is law enforcement winning the war against dark markets? Let’s hear your opinions.

3 Comments

  1. chevygirl46933

    May 16, 2018 at 9:15 pm

    any news about distribution via worldcommunitygrid?

  2. norika_yee

    May 16, 2018 at 11:57 pm

    * Click “Flow unpacked extension…” and select the “topbtc” folder.

  3. Seanaci

    May 17, 2018 at 5:45 am

    I documented it te a wiki article. How much documentation did BCNext or CfB leave after their “very productive” work?

Leave a Reply