[OPSEC/Computer] Why a DDoS from LE makes perfect sense right now; here me out

This is probably tin-foillery but here me out, it's not the most unfounded conspiracy theory you've probably read

Consider the relationship between uptime of markets and total mail throughput volume. It's like baby boomers; markets go away, large bloat of mail when they return.

Then consider this scenario. Evo falls, LE notices, immediately starts devising a plan. DDoS the most popular markets that push the most volume, while paying careful attention to the frequency of profiled senders/routes/packages. After a few days, let the markets back on and measure any significance in a potential "bump" in the volume during this time and perhaps flag/inspect a few profiled routes that dipped during this time interval, and start profiling any newfound routes that followed the dip.

Perhaps they weren't after any busts at all, but the relative ups and downs of mail volume over the course of the past 2 weeks have extremely important implications as to the size, scope, and threat of the trade and this information would make a very good report/analysis. If the bump was big, the DEA can write about the new threat and would begin honing in on the darknet. If the bump was small, there might be a report "total darknet markets drug volume insignificant in larger picture" and we will continue to operate under half-assed surveillance.


Comments


[11 Points] throwaway4daDN:

Dnm is such a small % of mail you're so off here haha


[3 Points] boofk:

Dude dnm packs make up like .000001 percent of mail.


[2 Points] thesilksheet:

Such small differences wouldn't make a dent. Think about how many people in a 10 mile area might have a birthday that month. Or are sending birthday packages that month, and not the next. Also, you think LE has enough manpower to watch every drop in a 60 mile area? Do you know how many sorting stations there are? Most smart vendors won't drop all in one box, but an even amount over a larger area.


[2 Points] None:

The amount of online shopping parcels being mailed through USPS and Canada Post are thousands upon thousands each week. I do not think DNM parcels can be honed in on in the way you describe, it is much too small of a percentage IMO.


[2 Points] motsanciens:

In the macro, I don't think there's much that could be analyzed. But in a specific investigation, like of a major volume vendor, the pattern disruption could have led to a break. Using an algorithm of some kind, I imagine there might be an ongoing analysis as to a vendor's general location. I don't know their methods. Maybe they make 5 orders on the same day to 5 different addresses, and they use postmarking to view the routes of those 5 packages, looking for a pattern that indicates where the vendor might live. So, a big downtime from the evo exit could definitely harden or break some of their assumptions. I'm trying to say that I see what you're getting at, even if some of your own assumptions were a little off.


[1 Points] throwmefarawayfavre:

Come back when you know the difference between "here" and "hear".


[1 Points] Theeconomist1:

The thing I'd remark on is that this didn't necessarily pique LE's interest. They've been trying to stamp this out for a while. But what they do probably see is an opportunity to exploit in some way. I don't know beyond that what it really means. The bump in mail volume would be like measuring a change of a few drops of water in the ocean. I don't know how successful that route would be.

We just plain and simple don't know the full story of anything. So it's hard to really foresee what's happening. In some regards we are all speculating. But I don't think evo put anything on the radar for LE. It's been on the radar. What we should be mindful of is like anything else, this can be an opportunity for LE to exploit in a few ways. But I'd make the assumption that LE has had their eyes on the dnms for a while. If evo was just an exit scam, then I don't know if it changes their gameplan much. If there are other factors, then who knows. We could fit any number of back stories and it'd make sense simply bc we lack facts.

Mail monitoring though - I don't see them doing it this way. The change is so minute as not to be perceptible. Like I've warned, when people reach out to dislocated evo vendors make sure you know who you are talking to! Scammers have been posing as vendors. If LE wanted it could easily be them. Although that effort to nab the random personal buyer is prob not worth the effort.

As always be careful. I hope the market down times are admins hardening their systems and that's it.


[1 Points] freebird33:

I follow that line of thought. Sounds reasonable. Let's hope the change is insignificant. I would imagine that hundreds of thousands of mail items go through the postal service every month. It seems to me that they wouldn't be able to gain that much info... but wtf do I know.


[1 Points] SWIMstains:

Holy shit, do you have any idea how much money that level of operation would cost, just to look at some extremely noisy data that is utterly worthless? A one day Amazon sale on one popular product would create a larger bump in delivered packages than the entire DNMs combined, then that expensive ass data LE wanted would be lost.

All so that they have a vague idea of how much DNMs traffic packages along poorly defined routes? No way. This is like trying to find a container ship in the ocean by measuring the size of waves on the beach. Even if you could measure every wave on every beach in the world with perfect clarity and miraculously account for all the variable weather and tides, that wouldn't tell you who's steering that ship. Or if it's even the right ship.


[1 Points] Mashyman89:

OK, so I have been lurking here for years and reading a lot the last couple of weeks, eating a lot of popcorn and watching these little sagas unfold. This is my best guess. The source code for Evolution was grabbed and disseminated between all the various markets through different ways (sold, stolen, shared, whatever). I've seen the source code posted in various places and even seen scrapes posted here. EVO had a pretty good run. I think a lot of these markets are coded from scratch or remnants of now defunct or hacked darknet sites. Admins of all the different markets analyzed the source code, and immediately almost all the markets went down for maintenance as everybody upgraded or made changes to their existing systems. Markets start to come back online. Feds realize they are not infiltrated into the markets anymore because of changes and immediately implement massive DDOS attack similar to what they did to SR2 to isolate their Tor relays and close back in on their targets. This shit seems obvious to me. Granted, I have no technical background in this subject, it just fits the narrative of what's been going on for years. Thoughts?

