In November 2016, police raided numerous apartments in Thuringia, Germany. During the raids, law enforcement made discoveries that they called the biggest blow against online drug trafficking, at the time. They found notebooks of recorded data, phones, hard drives, kilograms of drugs, and two suspects: 31-year-old Philipp H. and 19-year-old Stefanie W. Those two suspects now face 15 years in prison for selling drugs on the Dream darknet market, among other crimes.
Authorities first investigated three suspects. In addition to the the romantically involved duo, police investigated Philip’s 51-year-old father. No public statement—or at least on the police’s website—mentioned a dropped car against the father, but the suspect count had dropped to two and then stayed that way. Although a third entity may have had some participation, the prosecution claims that the duo sold 17 types of drugs on both the Dream market and a clearnet shop called “finestdrugs[dot]to.”
The public prosecutor at the Meiningen court preliminary hearing revealed that authorities had gathered more than 350 pages of evidence against the pair of drug dealers. Both, thus far, denied all accusations. Some of which are listed below, as noted in the 350 pages:
- The vendors kept “meticulously tracked” records of their deals that allowed authorities to identify 4021 instances of drug trafficking.
- At least 300 cases involved large shipments of drugs.
- More than 2,000 customers had used the clearnet shop.
- They had sold, from their account on the Dream Marketplace, 1.5 kilograms of marijuana, the same of hashish, 5.1 kilograms of amphetamine, 130 grams of methamphetamine, 300 grams of heroin, 400 grams of cocaine, and 1,000 ecstasy tablets.
Their clearnet website gave away the types of drugs sold on the site:
“More than 500 successful orders! We have no minimum order value! High-quality drugs like Xtc / MDMA / Hash / Weed / Cocaine / Heroin / Speed and Crystal Meth simply online! Test our goods and they will be 100% pure!”
Phillip, the alleged mastermind, harvested user credentials and some them on the internet as far back as 2014. Investigators noticed that he had sent out millions of phishing emails and links on a routine basis. He collected databases filled with credit cards information and credentials for online payment systems, the public prosecutor said. Police identified nearly 10 million email addresses, almost 11,000 PayPal accounts, and 2,300 eBay logins. The clearnet site’s privacy statement is reassuring, though: “we log no IP addresses when buying drugs [and] your data is encrypted via PGP.” Reassuring until the site’s login page suggests that a user sign in with a social profile.
On a final note, FinestDrugsDE, the fraudster above, used a PGP key with the email address “[email protected][dot]md.” That email address is registered to a “Frank Bannister” and an irrelevant physical address. But the email address is also the registered email for two carder websites.