<!DOCTYPE html>
<html lang='en'>

<meta charset='utf-8'>
<meta name='viewport' content='width=device-width, initial-scale=1'>
<meta name='description' content='This article as PDF.
Dropgangs, or the future of dark markets The Internet is full of commercial activity and it should come at no surprise that even illegal commercial activity is widespread as well. In this article we would like to describe the current developments - from where we came, where we are now, and where it might be going - when it comes to technologies used for digital black market activity.'>

<meta property='og:title' content='Dropgangs, or the future of darknet markets • Opaque Link'>
<meta property='og:description' content='This article as PDF.
Dropgangs, or the future of dark markets The Internet is full of commercial activity and it should come at no surprise that even illegal commercial activity is widespread as well. In this article we would like to describe the current developments - from where we came, where we are now, and where it might be going - when it comes to technologies used for digital black market activity.'>
<meta property='og:url' content='https://opaque.link/post/dropgang/'>
<meta property='og:site_name' content='Opaque Link'>
<meta property='og:type' content='article'><meta property='article:section' content='Post'><meta property='article:published_time' content='2018-12-26T19:18:17Z'/><meta property='article:modified_time' content='2018-12-26T19:18:17Z'/><meta name='twitter:card' content='summary'>

<meta name="generator" content="Hugo 0.53" />

<title>Dropgangs, or the future of darknet markets • Opaque Link</title>
<link rel='canonical' href='https://opaque.link/post/dropgang/'>

<link rel='icon' href='/favicon.ico'>

<link rel='stylesheet' href='/assets/css/main.77da63e1.css'><link rel='stylesheet' href='/css/custom.css'>

<body class='page type-post'>
<div class='site'>

<a class='screen-reader' href='#main'>Skip to Content</a>

<header id='header' class='header-container'>
<div class='header site-header'>
<nav id='main-menu' class='main-menu-container' aria-label='Main Menu'>
<ul class='main-menu'>
<a href='/'>#</a>
<a href='/post/'>archive</a>
<a href='/projects'>projects</a>
<a href='https://opaque.link/index.xml'>subscribe</a>


<div class='header-info'>

<p class='site-title title'>Opaque Link</p>

<p class='site-description subtitle'>cyberpunk, cryptoanarchy, privacy extremism, thoughts</p>

<main id='main' class='main'>
<article lang='en' class='entry'>
<header class='header-container'>
<div class='header entry-header'>
<div class='header-info'>
<h1 class='title'>Dropgangs, or the future of darknet markets</h1>


<div class='meta'>
<span class='posted-on'><svg class='icon' viewbox='0 0 24 24' stroke-linecap='round' stroke-linejoin='round' stroke-width='2' aria-hidden='true'>

<rect x="3" y="4" width="18" height="18" rx="2" ry="2"/>
<line x1="16" y1="2" x2="16" y2="6"/>
<line x1="8" y1="2" x2="8" y2="6"/>
<line x1="3" y1="10" x2="21" y2="10"/>

<span class='screen-reader'>Posted on </span>
<time class='date' datetime='2018-12-26T19:18:17Z'>2018, Dec 26</time>

<span class='reading-time'><svg class='icon' viewbox='0 0 24 24' stroke-linecap='round' stroke-linejoin='round' stroke-width='2' aria-hidden='true'>

<circle cx="12" cy="12" r="10"/>
<polyline points="12 6 12 12 15 15"/>

18 mins read



<div class='entry-content'>

<p>This article as <a href="/files/dropgang.pdf">PDF</a>.</p>

<h1 id="dropgangs-or-the-future-of-dark-markets">Dropgangs, or the future of dark markets</h1>

<p>The Internet is full of commercial activity and it should come at no surprise
that even illegal commercial activity is widespread as well. In this article we would
like to describe the current developments - from where we came, where we are now, and
where it might be going - when it comes to technologies used for digital black market

<p>We will refrain from any legal, moral or ethical judgment on these activities but focus
on the technical and operational security aspects. What is illegal and unethical
trade for one is perfectly legal for another. Judge for yourself.</p>

<h2 id="clearnet-black-market-use-pre-2011">Clearnet black market use, pre 2011</h2>

<p>With the spread of the Internet, black market merchants soon started taking advantage of
it for communicating with their customers, advertisement and payment facilitation.
Early products were mostly centered around pornography, call girl rings, stolen data
and intellectual property crimes - mostly stolen software and entertainment media - and thus
either focused on digital delivery of goods and services, or facilitating “personal” services.</p>

<p>Use of the Internet to facilitate the marketing and sales of physical goods - drugs, weapons,
false identification papers - began latest in the late 1990s, but usually focused on local
geographic markets in major cities. This was due to the fact that payment and delivery still
required in person meetings. Credit cards were the only viable online-capable payment system
and they proved to be too dangerous for a lot of merchants of illegal goods, therefor physical cash

<p>This changed fundamentally when in the 2003-2007 period the first widely used pseudonymous
centralized digital currencies came to the attention of merchants. Mail-order type businesses
for physical goods that did not adhere to local law, tax or otherwise, developed. Most of
these businesses however refrained from publicly marketing and instead were only available
through word of mouth and to tightly knit online communities.</p>

<p>With the introduction of Bitcoin, the first decentralized cryptocurrency, a paradigm shift
took place. It was likely “The Silk Road” that first fused the availability of this new
kind of online payment system with anonymous access and publication of web content.</p>

<h2 id="darknet-markets-2011-2017">Darknet Markets. 2011-2017</h2>

<p>“The Silk Road” was the first of a phenomenon that became widely known: Darknet Markets.</p>

<p>The shallow description of a darknet market consists of a website hosted on an anonymous
overlay network like Tor or I2P where merchants can present offers, buyers accept those
offers, and the payment between both is conducted through cryptocurrencies. Additional
functionality like merchant-to-buyer private communication, reputation tracking, payment
escrow services and forums in which both merchants and buyers can have public discussions
is often provided.</p>

<p>The shipment of products for these markets typically was conducted by the merchant via
the official postal system or parcel services (UPS, FedEx, DHL).</p>

<p>Darknet Markets as such were <em>centralized</em> marketing, communication, processing, reputation
and escrow platforms which attracted primarily small merchant organizations that featured
flat hierarchies - if they had any hierarchy at all. Customer binding and market share was
primarily through the market itself, and not to the merchant.</p>

<p>A limiting factor for darknet markets was that customers had to use anonymous overlay networks
such as Tor or I2P to be able to access these platforms. This was a barrier of entry for
large segments of the potential consumer group and also limited the (secure) access of the
markets to non-mobile customer devices like personal computers and laptops. Clearly not
the convenience that is required by most modern consumers - especially in the drug user

<p>The centralized nature of these markets, the binding of customers to market, use of the
postal service and the flat hierarchies of merchants had significant negative operational
security implications.</p>

<p>While fraud by merchants was effectively tamed by the central reputation system of each
market, fraud by the markets became a commonplace. Darknet markets would start offering
escrow services which then allowed the market operators to run with the money. This was
only curbed by the introduction of multiparty transactions that would require any two
of either the buyer, merchant and market to agree for funds to move (a feature that can
be implemented with some cryptocurrencies by employing multi-signature transactions).</p>

<p>More severe were infiltrations and take-downs of darknet markets by law enforcement. Since
the majority of offers, and most reputation data, was publicly available attacks using
open source intelligence methods like web harvesting and analysis, as well as account take-
overs became a common threat. Several cases in which law enforcement infiltrated the
accounts of moderators and operators as well as merchants undermined trust in the
darknet markets. Furthermore several markets were taken offline by law enforcement, often
locking up funds and leading to insecurity in the economy.</p>

<p>Furthermore merchants were more and more often targeted by sting operations, tracking of
shipments through the postal system, and tracing of cryptocurrency transactions.
Merchants that were successfully identified and raided often had access to a long history
of payment details and shipping addresses of buyers which further eroded the trust in the
darknet markets. The flat hierarchies also lead to the deep penetration and complete
identification of the members of market operator teams and merchant organizations.</p>

<p>Lastly, the loss of darknet markets lead to severe disruption of client-merchant relationships -
identities and reputation being lost, previous marketing efforts being negated - often
leading to temporary or even permanent collapse of merchant business.</p>

<h2 id="dropgangs-2017-2018">Dropgangs. <sup>2017</sup>⁄<sub>2018</sub>-?</h2>

<p>The problems of darknet markets have triggered an evolution in online black markets.</p>

<p>To prevent the problems of customer binding, and losing business when darknet markets go down,
merchants have begun to leave the specialized and centralized platforms and instead ventured
to use widely accessible technology to build their own communications and operational

<p>Instead of using websites on the darknet, merchants are now operating invite-only channels
on widely available mobile messaging systems like Telegram. This allows the merchant to
control the reach of their communication better and be less vulnerable to system take-downs.
To further stabilize the connection between merchant and customer, repeat customers are
given unique messaging contacts that are independent of shared channels and thus even less
likely to be found and taken down. Channels are often operated by automated bots that allow
customers to inquire about offers and initiate the purchase, often even allowing a fully
bot-driven experience without human intervention on the merchant’s side.</p>

<p>The use of messaging platforms provides a much better user experience to the customers, who can
now reach their suppliers with mobile applications they are used to already. It also means
that a larger part of the communication isn’t routed through the Tor or I2P networks anymore
but each side - merchant and customer - employ their own protection technology, often using
widely spread VPNs.</p>

<p>The other major change is the use of “dead drops” instead of the postal system which has proven
vulnerable to tracking and interception. Now, goods are hidden in publicly accessible places like
parks and the location is given to the customer on purchase. The customer then goes to the
location and picks up the goods. This means that delivery becomes asynchronous for the merchant,
he can hide a lot of product in different locations for future, not yet known, purchases. For the
client the time to delivery is significantly shorter than waiting for a letter or parcel shipped
by traditional means - he has the product in his hands in a matter of hours instead of days.
Furthermore this method does not require for the customer to give any
personally identifiable information to the merchant, which in turn doesn’t have to safeguard it
anymore. Less data means less risk for everyone.</p>

<p>The use of dead drops also significantly reduces the risk of the merchant to be discovered by
tracking within the postal system. He does not have to visit any easily to surveil post office or
letter box, instead the whole public space becomes his hiding territory.</p>

<p>Cryptocurrencies are still the main means of payment, but due to the higher customer-binding,
and vetting process by the merchant, escrows are seldom employed. Usually only multi-party
transactions between customer and merchant are established, and often not even that.</p>

<p>Marketing and initial vetting of both merchant and customer now happens in darknet forums and
chat channels that themselves aren’t involved in any deal anymore. In these places merchants
and customers take part in the discussion of best procedures, methods and prices. The market
connects and develops best practices by sharing experience. Furthermore these places also serve
as record of reputation, though in a still very primitive way.</p>

<p>Other than allowing much more secure and efficient business for both sides of the transaction, this
has also lead to changes in the organizational structure of merchants:</p>

<p>Instead of the flat hierarchies witnessed with darknet markets, merchants today employ hierarchical
structures again. These consist of procurement layer, sales layer, and distribution layer. The
people constituting each layer usually do not know the identity of the higher layers nor are ever
in personal contact with them. All interaction is digital - messaging systems and cryptocurrencies
again, product moves only through dead drops.</p>

<p>The procurement layer purchases product wholesale and smuggles it into the region. It is then sold
for cryptocurrency to select people that operate the sales layer. After that transaction the risks
of both procurement and sales layer are isolated.</p>

<p>The sales layer divides the product into smaller units and gives the location of those dead drops
to the distribution layer. The distribution layer then divides the product again and places
typical sales quantities into new dead drops. The location of these dead drops is communicated to
the sales layer which then sells these locations to the customers through messaging systems.</p>

<p>To prevent theft by the distribution layer, the sales layer randomly tests dead drops by tasking
different members of the distribution layer with picking up product from a dead drop and hiding
it somewhere else, after verification of the contents. Usually each unit of product is tagged
with a piece of paper containing a unique secret word which is used to prove to the sales layer
that a dead drop was found. Members of the distribution layer have to post security - in the form
of cryptocurrency - to the sales layer, and they lose part of that security with every dead drop
that fails the testing, and with every dead drop they failed to test. So far, no reports of using
violence to ensure performance of members of these structures has become known.</p>

<p>This concept of using messaging, cryptocurrency and dead drops even within the merchant structure
allows for the members within each layer being completely isolated from each other, and not knowing
anything about higher layers at all. There is no trace to follow if a distribution layer member
is captured while servicing a dead drop. He will often not even be distinguishable from a regular
customer. This makes these structures extremely secure against infiltration, takeover and
capture. They are inherently resilient.</p>

<p>Furthermore the members of the sales layer often employ advanced physical tradecraft to prevent
surveillance by the procurement layer when they pick up product. This makes it very hard to
dismantle such a structure from the top.</p>

<p>If members of such a structure are captured they usually have no critical information to share,
no information about persons, places, times of meeting. No interaction that would make this
information necessary ever takes place.</p>

<p>It is because of the use of dead drops and hierarchical structures that we call this kind of
organization a <em>Dropgang</em>.</p>

<p>The result of this evolution is a highly decentralized, specialized and resilient method of
running black market commerce. Less information is acquired, shipments are faster, isolation
between participants is high, and multiple independent sales channels are established.</p>

<h3 id="open-questions-to-dropgangs">Open questions to Dropgangs</h3>

<h4 id="risks">Risks</h4>

<p>Three main risks present themselves for Dropgangs:</p>

<li>Cryptocurrency tracing: Since all payments are conducted with cryptocurrency, the use of
“Privacy Coins” has established itself within the Dropgangs. However, customers usually
only have less private currencies available. This requires a functional exchange
infrastructure between less and more private cryptocurrencies. This vector of attack is
currently exploited by law enforcement.</li>
<li>Communication tracing: Dropgangs necessarily operate infrastructure to keep in contact
with their customers. Law enforcement can potentially identify and track this infrastructure
to find the operators. However, operators usually have access to sufficient anonymization
technology and are well trained in using it.</li>
<li>Surveillance of potential dead drop locations: Potential dead drop locations can be
identified and surveilled by law enforcement to find those serving them. This poses
a number of problems for law enforcement. First, the number of potential dead drop locations
is very high which requires a lot of resources to surveil to even catch anybody by pure luck.
Second, it is hard to distinguish customer and supplier at this moment if the dead drop
operator uses basic protective tradecraft.</li>

<p>It is likely that the black market will solve the cryptocurrency tracing risk soon. Technology
in this field is developing quickly. It is likely that either new exchange methods are found,
like peer-to-peer decentralized on-chain swaps, or that additional privacy layers are added
to less private cryptocurrencies. Cryptocurrencies like Beam and Grin both provide a reasonable
amount of privacy while also supporting atomic on-chain swaps between them and widely accepted
cryptocurrencies like Bitcoin and Ethereum.</p>

<p>The other two risks are already handled well by professional operators in the field.</p>

<h4 id="reputation">Reputation</h4>

<p>Compared to centralized darknet markets, Dropgangs face the issue that reputation is even more
important to find customers and to vet customers, while at the same time having less suitable
tools available. The current method of reporting sales experience on forums is open to spamming
and manipulation since it is hard to show that a deal even took place.</p>

<p>It is likely that forums and merchants develop best practices to solve this problem. There is the
potential that merchants will start to issue “proofs of sale” in a cryptographic form, that
customers then use to make statements about the performance of the merchant in public forums.</p>

<p>This would allow for distributed and secure calculation of both merchant and customer reputation
without the risk of spamming and manipulation. However, it also opens up a small risk in that
law enforcement then has access to more data about the activities of a merchant. This risk however
will likely be both mitigated by technology, as well as accepted by merchants and customers for
smoother and more efficient market operation. We expect development in this field very soon.</p>

<h4 id="localization-of-dead-drops">Localization of dead drops</h4>

<p>Dead drops have to satisfy four functions:</p>

<li>They must be plentiful. The more potential locations for dead drops, the more secure their
operation in face of law enforcement surveillance.</li>
<li>They must be easy to locate for the customer who has received the necessary information from
the merchant.</li>
<li>They must be unlikely to be found by accident.</li>

<p>These three functions together form the problem of localizing: There must be a high asymmetry of
information required to find the location over the accidental find.</p>

<p>Classically, when used by intelligence agencies, dead drops relied on being concealed. This lead to
dead drops being hard to find even by the intended recipients without costly preparation and training.
One of the results of this was that dead drops were often used repeatedly, which increased the probability
of both sender and recipient being identified by surveillance.</p>

<p>An ideal dead drop is however used exactly once. Only then can the risks of using it be reduced to
pure bad luck.</p>

<p>This challenge is met by Dropgangs in various ways. The primary one is that the documentation of
each dead drop is conducted in minute detail, covering GPS coordinates, photos of the surrounding and
the location, as well as photos of the concealment device in which the product is hidden (such as
an empty coke can). The documentation however increases the risk for the Dropgang since whoever
creates it would be more easy to identify by surveillance. In addition, even great documentation
still requires the customer to understand it and follow it precisely, which can lead to suspicious
behavior around the dead drop location (staring at photos, visually comparing them to the surrounding,

<p>A first development to mitigate the problem of localizing is the use of Bluetooth beacons. In addition
to the product, the dead drop contains a little electronic device that sends a signal that can be
received by a smartphone, which in turn can display the direction and approximate distance to the
device. In addition to the GPS coordinates, the customer requires only a smartphone with the correct
App. Beacon devices like these are available on the open market for under ten dollars.</p>

<p>They do however pose the risk of a non-authorized party to discover the dead drop, simply by searching
an area suitable for hiding dead drops with their own smartphone.</p>

<p>There are first reports of using beacon devices that are not constantly sending a signal, but have
to be activated first. The activation usually happens by establishing a WiFi hotspot on the customer’s
phone (by using the WiFi tethering feature). Only if the beacon sees a WiFi hotspot with a specific,
merchant provided, unique name will it start to send a homing signal itself. Devices like these
are very cheap (<15 USD) and have gained traction in the field, but they pose risks to the customer:
His smartphone becomes identifiable by observers, even over considerable distance. This can lead
to tracking the customer.</p>

<p>An alternative solution found is the use of WiFi activated beacons that instead of sending a Bluetooth
signal use audible sounds that are loud and distinct enough to be heard by the customer for localization.</p>

<p>The lifetime of these beacons is surprisingly high. They usually lay dormant for a predefined time
before they begin to listen for activation. During the listening phase, they usually only become
active for a few seconds every minute. This method allows these beacons to lay passive for days
or even weeks using only very cheap chemical batteries (instead of rechargeable batteries that are
more expensive).</p>

<p>We expect the next development step to be related to beacons that listen for
ultrasound signals before they activate. The customers smartphone would play these signals through
its speakers, transmitting a unique code that activates the beacon. The beacon then would send
out a homing signal that the customer can follow with his phone. This is likely going to be made
available as an App that will make the complete process of localizing very user friendly and fast.</p>

<h2 id="future-development">Future development</h2>

<p>It is likely that future developments in this area will focus on customer convenience. Better
homing beacons will be developed, and mass produced in Shenzhen factories to drive down the price.</p>

<p>Another expectation is that messaging services will appear that combine better anonymity for
both merchant and customer with integrated payment systems and potentially even dead drop localizing
functionality. Reputation tracking is a further feature that is likely to be integrated.</p>

<p>These messaging services will be dual use. They will be used both by the black market as well as
by legitimate vendors, integrating automated, bot-controlled customer interaction with peer-to-peer
payment is certainly a major technology to become commonplace in business. First steps in this
direction have been taken by Chinese messaging companies, Telegram and even Facebook.</p>

<p>Given the developments in technology and methods, it is very likely that black markets will spread
in both availability and demand. All kinds of goods will be widely available, anonymously,
securely, in our cities and urban environments. More people will find their livelihoods in
taking part in these distribution networks, since required skills and risks are low, while
a steady income for the industrious can be expected. Instead of delivering papers, teenagers
will service dead drops.</p>

<p>This will lead to further developments that serve the convenience and security of black market
merchants and customers. A plausible next step would be the development of markets for dead
drop operators that make their living by picking up product from one dead drop and placing
it in another, working as a proxy for the customer to increase his safety and to reduce his
efforts. This would also make this distribution model wider spread and available to more
products, which will blur the lines between the black and the legal market. On this blurred
line new services and technologies will establish themselves, inherently dual use services
like lock boxes that can be paid by peer-to-peer cryptocurrencies.</p>

<p>Looking even further into the future, it seems plausible that the whole urban environment
might find itself integrated into a dynamic landscape of very short-lived dead drops that
are serviced by humans and cheap drones (unmanned aerial vehicles), which are already cheaply
available and likely only require one market actor to develop and spread a mechanism to
pick up and drop goods. Both merchant and customer could use drones, that are available for
rent through dedicated Apps, to deliver product to a meeting point on a roof, where another
drone would pick it up. Chaining multiple exchanges like this will make the tracing of the
delivery extremely hard, essentially leading to mixing techniques so far used only in
anonymizing digital communication.</p>

<p>Given the additional plausible development that long distance, high payload drones become
available more widely, and for much less cost, the procurement layer of Dropgangs will also
become more secure and efficient.</p>

<p>It is far from unlikely that these developments will lead to a breakdown of control and
regulation over low weight, low volume goods. The black markets are upon us.</p>

<p>Continue thinking, what is possible if we combine: 4G/5G mobile internet, anonymous messaging,
messaging bots, anonymous and untraceable digital currencies, strong end-to-end encryption,
GPS, cheap electronics, 3D printed mechanics, cheap drones - both short distance multicopters
and long distance fixed wing, visual processing for navigation, and lots of code.</p>

<p>What is possible if others combine these as well?</p>

<p>We have no idea what that will mean for our societies, good or bad. But we better start thinking
how to deal with the effects. And we should ask the right people about it, not those still
captured in the 20th century and the lobbying by industry.</p>


<footer class='entry-footer-container'>
<div class='entry-footer'>



<nav class='entry-nav-container'>
<div class='entry-nav'><div class='prev-entry'>
<a href='/post/digitalmoneydbc/'>
<span aria-hidden='true'><svg class='icon' viewbox='0 0 24 24' stroke-linecap='round' stroke-linejoin='round' stroke-width='2' aria-hidden='true'>

<line x1="20" y1="12" x2="4" y2="12"/>
<polyline points="10 18 4 12 10 6"/>

<span class='screen-reader'>Previous post: </span>Digital Money and DBCs</a>


<footer id='footer' class='footer-container'>
<div class='footer'>
<div class='social-menu-container'>
<nav aria-label='Social Menu'>
<ul class='social-menu'></ul>
<div class='copyright'>

© 2017-2018 opaque.link


</div><script src='/assets/js/main.5871befd.js'></script><script src='/js/custom.js'></script></body>