
Dead drop OPSEC basics for BIG DUMMIES

TyperTech
How people got caught doing dead drops.

Controlled purchase. Bitcoin traced to crypto exchange account owned by vendor.

Controlled purchase. Vendor used GPS on phone to get coordinates to give to customer. Phone GPS consists of GPS, wi-fi access points in range, cell towers in range. Vendor phone traced to drop location.

Controlled purchase. Vendor reused general drop area. Controlled purchase and drone airplane in the air. Drone identified cars going to drop area access route. Car identified. You can have drone in air read license plate, camera placed at road under surveillance, use any CCTV camera to get plate.

Vendor did drops in urban area. CCTV.

Buyer identified in separate investigation and busted. From the buyer's account, tell the vendor that the drugs were not found. Vendor goes back to the drop to look for the drugs.

Not exclusive to dead drops but vendors leave DNA and prints on packaging material.

Timing attack. Tor or communication service access by vendor from vendor owned internet access point. At same time verified activity by vendor.



How to do dead drops?

You need a place to store drugs and packaging equipment. Packaging equipment is scales, vacuum sealers and vacuum bags. A storage place can be smaller and harder to locate but probably harder to work in. You can store things where you work. What is important is that the place and things are as hard to tie to you as possible. You should not be identified if the place is found, and the place should not be found by you being identified. You must not work where you live or store where you live. We all live in different countries and our options are different. Drugs should be stored as smell proof as possible. Local police forces might sweep high risk places with dogs. Smell proofing also protects from oxygen and humidity, which will degrade some drugs very fast.

Sometimes vendors are identified by packaging equipment purchases. Keep that in mind when you are buying things. Whether you are buying with credit card from a store or ordering from web. Maybe you want to buy in the same area where the police department is that will investigate you, maybe you want to buy somewhere further away. Maybe you want to use specialty equipment with limited users and availability, maybe you want to get creative.

Do not leave DNA or fingerprints behind. Equipment you should use are hair nets. Safety goggles to prevent eyelashes from falling into powders. Probably overalls used by painters so that you do not leave any hair behind from your pet dog. Rubber gloves. Keep in mind that rubber gloves can leave prints behind because they are so thin and can contour on your fingerprints. Put on a pair and tighten it on your fingertip, do you see your fingerprint? Wear 2 pairs just in case. Put on your gloves in a way that you do not leave DNA on the outer surface of them. Do not touch every glove when getting a pair out of a box. Do not touch the glove all over when trying to get a pair on. Wipe down each layer of vacuum bag with bleach. You might have transferred DNA from a glove, lost some dandruff or eczema skin, a tiny hair, some spittle as you chat with your buddy...

At your working location never use a phone. You leave your phone behind when you go to work. You do not want to be tied to the location if it is found and you do not want the location to be found through you or anyone else.

If you need to take notes then use a laptop and a Tails USB or Qubes + Whonix. This way your information is encrypted. Do not use a paper and pen.

Controlled purchases will be made. If you go to the woods right now and 2 hours later give the location to the police then they have much more to work on than if you were at the drop location up to a day ago, 2 days, a week. If you properly vacuum seal your drugs then they can stay in the ground for a long time. Maybe it isn't that smart to give the drop location to the police when they can still smell your fart in the wind? If you make custom orders of 1 g of this 5 of that and 15 of another then you need to pack drugs and make drops every day, that is a more dangerous and stressful work schedule. If you force people to buy 100 g then it might be 6 months after a drop and you are in Belize when the purchase is made. Figure out what is best for you and what your clients will accept.

When you go to make a drop, leave nothing behind. No cigarette butts, no candy wrappers. Do not take a shit in the woods, do not piss against a fence. You lose cells from your intestinal walls and inside your urethra, and that is DNA. Do not leave your footprints or tire tracks in the mud.

If you go to make or pick up a drop then do not look peculiar as all hell in your tough guy criminal outfit. If you are going to a trail then look like a jogger. Have a reason to be where you are and look the part.

Do not transfer DNA or prints to the package after it has been packaged. Wear gloves that do not have your DNA on the outside and use a container for transportation that does not have your DNA on the inside.

You should not use an internet connected device for getting GPS coordinates. Handheld GPS - pros: no internet. Cons: can look suspicious or out of place, not encrypted, no way to securely erase data from internal memory. Phone - pros: easily available, does not look out of place, can be encrypted, you do not have to worry about secure deletion of encrypted data. Cons: need to physically remove hardware for all wireless connectivity or hope that you in no way mess up or some hidden feature of the phone does not reveal you. Just because your phone is not broadcasting does not mean it isn't listening and logging data. You must not use a weak unlock password or other features that make it possible to hack or brute force your phone open. You need to get coordinates and you must not do it with a device that can be connected to the internet.

Photos. Digital cameras are unencrypted, and to delete photos you must manually write over the data on the SD card. Phones have internet. If you decide to make a phone that can not send out signals then you can use it as a camera. It will be encrypted and using it won't stand out.

Sending photos. Some send drop photos straight from the phone through Wickr to the client. Photos are sent with all EXIF and all identifying image data. EXIF data is data like GPS and phone or camera model. Data in the image is lens distortion, which can identify the device camera model. Post processing effects applied by the camera app. Scratches on the lens will uniquely identify the device later, or through social media photos where the same defects are present. To safely send photos:

1. Connect encrypted phone through USB to encrypted computer OS like Tails.
2. Unlock phone and transfer photos over to secure OS.
3. Open photo in image editing program. Tails comes with GIMP.
4. Make a selection in image of relevant data in the image and copy that into a new file. This will cut out lens distortion effects and defects at the edges of the image and by copying into new image you do not copy over the EXIF data.
5. Reduce the image dimensions as much as you can while the image is still useful for identifying the location of the drop. By reducing the pixel dimensions you lose some of the scratches on the lens and any individual pixel on the image sensor that has a deviation and might be used to identify the camera later on. By reducing quality through a higher image compression rate you lose even more data that might be used to identify the camera.

Use a brand new device that has no images made by it that have been uploaded to the internet.
Never use the device for anything else.
Avoid scratching the camera lens or the glass that protects it. Big gouges might not disappear with reducing the image quality.

Do not use your home internet connection for work. Vendors are identified because of it. Bridges do not necessarily help. Many countries censoring Tor have all bridges. LE agencies can do same. Still use bridges when using Tor.

Do not use anything without Tor. If you use Wickr then you must use it with Tor.

Drug trade is international. People who use the DNMs can speak English. If you can hide among the hundreds of millions of English speakers in the world then do not identify yourself as someone who can speak English + 2nd language spoken by 50 million + 3rd language spoken by 7 million. You might put yourself in a very small pool of people. The Wall Street Market admins were identified as Germans because they spoke German to each other.

You might be in a situation where it is valuable information to the police that you are out of product and will restock next month. Never let anyone know that you are restocking or when you will be restocked. Maybe obfuscate your restock date if you did run out of product. You could be selling for 2 weeks already, perhaps you hold off and don't.

It is harder for the local police to investigate you if you live far away.

Do not let your clients rush you and make you conduct your business in an unsafe way as a result. If you work as a dead dropper for a vendor then the same applies. Do it correctly and safely.

Not all people are doing their crypto transactions over Tor. Your ISP or a spy node on the crypto network can see what transaction you made.

With the transition to Monero some people are not fully appreciating all investigative techniques that can be applied. Be aware of AEA attacks and dusting. You must wash and launder your crypto. You can not sell drugs and at the same time make face to face cash for crypto deals in same city. There was a vendor in the US that sold crypto for cash to LE and got busted during a transaction while logged into their DNM account. Operation Dark Gold. They will try again, if an operation isn't already in the works.

Do not listen to people that tell you to be loose and sloppy with opsec. Some of the brain dead crap listed in the beginning resulted in 10-15 year jail sentences.