A very real and scary new threat to the DNM community. Operation ITOM (EU-Worldwide)

The Dutch Public Prosecution Service (Openbaar Ministerie or OM) currently is looking for ways to stop, scare, hinder and prosecute both vendors and (likely to some degree) customers operating within and from Europe. This is an outline of their international 3-point plan; which is not an official release but was given as an statement on DNM's from the OM to an journalist of volkskrant.nl; one of the leading newspapers in the NL.


PROJECT: ITOM (Illegal Trade on Online Marketplaces)

Source: Dutch only, sorry: http://static3.volkskrant.nl/static/asset/2014/Reactie_Openbaar_Ministerie_6685.pdf

Released 2 days ago


1 . Hindering and stopping vendors, administrators and shutting down hidden markets. Along with serious measures to track down and prosecute vendors. The Hague's Prosecution service which is leading ITOM will soon be holding coordinated international joint operations in the following months (to attempt to take down markets and/or vendors). The involved countries and agencies have already held meetings about this plan in the last few months


2 . More scrutiny on outgoing and incoming pieces of mail within and from the Europe. This will not just involve customs but also mail and postal services themselves before they even leave the sorting center (by the sound of it). It also needs to become much harder to anonymously send drugs through the mail through more thorough investigations and putting up several roadblocks to keep it from being this easy. According to this paper plans for this have already been set in motion since late 2013 but not fully. So this will likely be ramped up.


3 . Chasing the "Bottleneck" that is Bitcoin and de-anonymizing cash out methods and ways to turn Bitcoin into cash. They are also making it sound as if they are going after, or at least investigate those who purchase Bitcoin to a certain degree, because to their reasoning there are very little legal ways to spend bitcoin. ITOM soon will also propose a new law or rule-set regarding Bitcoin exchanging and transactions, this is their final mention regarding this point, no other information given.


Funded by the EU(!) in cooperation and planning with the following agencies:

Pretty much every single Dutch investigation agency except the dutch Homeland Security equivalent AIVD

And border forces (Custom Inspection) of the following countries:


I hope this serves as a warning. We should have seen this coming, and we should also see what is coming in the next few months to years. Having good OPSEC, not leaving any traces and taking this more serious should be incredibly important to all of us, especially those in Europe.


Here's an additional piece of information about Dutch vendors in particular. It reports that the Dutch online drug trade is rivaling the income from the legal coffeeshops:

http://www.volkskrant.nl/vk/nl/2686/Binnenland/article/detail/3757208/2014/09/27/Hoe-online-coffeeshops-een-miljoenenomzet-draaien.dhtml

Translation through google:

https://translate.google.com/translate?sl=auto&tl=en&js=y&prev=_t&hl=de&ie=UTF-8&u=http%3A%2F%2Fwww.volkskrant.nl%2Fvk%2Fnl%2F2686%2FBinnenland%2Farticle%2Fdetail%2F3757208%2F2014%2F09%2F27%2FHoe-online-coffeeshops-een-miljoenenomzet-draaien.dhtml&edit-text=


And as a final note, lets not forget that ISP's can see if you are or have been using TOR. In combination with this.

The normal OPSEC standard should be upgraded to some higher security levels for all of us.


Comments


[128 Points] specificallyforGates:

I just want to smoke some fucking weed god damn

it's really not this fucking serious


[60 Points] tvgn9545:

people need to flood the politicians with numerous envelopes of worthless weed with no stealth at all and has to be opened at the post office, like a 1/4 gram of chopped up seeds and stems, or the shit that makes speed paste stink (without the speed paste,) until the mail system becomes completely overwhelmed. Send in your tax forms but rub some weed on the outside of the envelope first. There's probably some cheap chemicals on ebay that triggers drug alerts. Also, create a virus that secretly runs TOR on billions of computers around the world for a few seconds when the computer is idle. (since it causes no ill effects on the user, nobody will notice it, or bother to delete it.) I'm sure you guys can come up with even more ideas.


[31 Points] Plumerian:

Sounds like monkey chest beating when policy makers notice other people are making money. They move in to protect their own assets with threats of law. Well, that's done a lot of good so far...


[15 Points] kirkkommander:

It would be interesting to know the statistic for dollar amounts exchanged on the DNMs versus the drug market as a whole. I would imagine the percentage is quite small, while the cost to implement all of this is disproportionately high. It's just silly.

On the one hand you have a group of users and vendors who interact with each other through a system that promotes research, safety, and professionalism, while on the other hand you have the general drug market, with it's gangs, mafias, dealers, etc. While the former group uses legal technology to evade LE so that they can get quality assured product, the latter group uses murder, bribery, and whatever other means to convert drugs in to money.

I was going somewhere with this, but it's time to get ready for work.

Basically TLDR: while we should all step up our OpSec in the first place, I hope that one day these governments realize how foolish they've been targeting the wrong group, or even putting resources towards targeting it.

Edit: words, mxe to blame


[12 Points] BlueShadesTM:

This is a big indicator that Tails and PGP need to be used. Not only that but everyone on Reddit should be masking their identities.

Assuming over 50% of people don't use PGP and assuming over 70% of people don't use Tails there are a lot of people at risk.

EDIT: As Jishgnozwald pointed out, tails might not be the best option... https://www.reddit.com/r/tails/comments/2dnv6t/security_advisory_tails_users_are_significantly/


[6 Points] creamynebula:

Just a recommendation to everyone: google "Tor bridges" and setup your protocol obfuscated bridges so your ISP cant see you are using Tor, the ability to use obfs2, obfs3 and fte bridges is supported by the current browser bundle, which of course you should always keep updated.


[6 Points] og_by_monsanto:

Estland=Estonia, Letland=Latvia, Litouwen=Lithuania... For those who were wondering


[5 Points] deepdot:

Heres an English link about that:

http://www.coe.int/t/dghl/cooperation/economiccrime/Source/Cybercrime/Octopus2013/Presentations/Workshop4/ITOM.pdf


[5 Points] Nobu7:

So how are they going to do it? I doubt very much they are going to start checking all outgoing business mail.


[3 Points] SacredGeometry25:

What a waste of money


[6 Points] gonzobon:

I love how the governments of the world try everything except legalizing and regulating. Spending glorious amounts of wasteful tax dollars on imprisonment seems to only serve the Prison Industrial Complex.


[3 Points] gerundive:

Increasing OpSec etc are tactics in what may well be a losing battle, which doesn't mean it's not a battle worth fighting, as it gains time to find and develop alternatives to Tor and BTC. IMHO DNMs have a future of at least 3 months, maybe even a couple of years or more, but the internet seems to be developing a lot faster than its individual elements are.


[3 Points] joseph11h:

Looks like the massive Royal Dutch drug smuggling empire doesn't like the competition.


[2 Points] None:

team prohibition doubles down


[2 Points] crazynmoody:

Damn. And all the good shit comes from eu too


[2 Points] orbiterr:

shit !! I hate these government idiots - especially from EU parliament - bunch of useless bureaucrats and crypto-communists ! I'm just curious if ITOM is in the planning stage and it not yet fully approved or is it already underway and in progress.


[1 Points] BigSmileyFace:

canada not on the list. do we win?


[1 Points] Naer-Zed:

what are the customs like coming into UK? does frequency of international orders to one address raise any flags in term of searches?


[0 Points] hdheuud:

Can they please just let Belgium be and fuck with the rest of the eu