'Drop Gangs' the Latest Evolution in Darknet's Avoidance of Law Enforcement
Online black markets shift faster than police can respond
Technology and the state are caught in a constant cat-and-mouse game of surveillance and evasion. As soon as one side gets wise to the other's tricks, they modify tactics to again outpace their rival. Rinse and repeat until either everyone is in jail or law enforcement just gives up. Then the next technological phase change emerges and the race starts all over again.
The brief history of virtual black markets—often called "darkweb" or "darknet" markets—is an excellent example of the never-ending battle between technologies of resistance and state efforts to repress them.
In the not-so-distant past, darknet markets like the Silk Road were the cutting-edge in transactional freedom. Today, that model is already obsolete, displaced by a more decentralized alternative called "drop gangs." Drop gangs use invite-only encrypted chatrooms to connect buyers with sellers, who then "dead drop" the wares in a public place where the buyer later retrieves. It sounds crazy and risky, but there are good reasons why black markets would move in this direction.
Centralized darknet markets provided many marked improvements over the alternatives when they first started cropping up around 2011. Rather than resorting to physical black markets, with all the requisite security risks, individuals could turn to a Tor-based platform to buy and sell basically anything they'd like. This mostly meant drugs, but it also included things like fake credentials, arms, and knockoff fashion.
This, of course, caused much establishment wailing and grinding of teeth. Sen. Chuck Schumer (D-N.Y.) called for an all-out war on darknet markets and a crackdown on cryptocurrency in 2011. Unsurprisingly, law enforcement officials pivoted to probe these supposedly untraceable drug networks with gusto.
The high-profile arrest of the alleged operator of the Silk Road was just the beginning of the problems that would come to plague darknet markets. Market operators faced extreme risks not always commensurate with their security practices. One momentary lapse of protocol could mean a key player got nabbed by police, opening the possibility that they would rat on others. Law enforcement worked their way up hierarchies, entrapping other operators.
And not every black market was run by a "beneficent dictator" like the Silk Road's ideologically-committed "Dread Pirate Roberts." Some darknet operators absconded in the night with cryptocurrency kept in escrow, thieving hundreds of thousands in funds from customers who would have no recourse in state courts. Such is the gamble one takes when expecting honor among shadowy cyber smugglers.
State officials surely hoped that their scorched earth campaigns against darknet markets would scare away any would-be Dread Pirates Robert from even thinking of taking on the risk of multiple life sentences in jail, thereby smothering these developments in stateless exchange in the crib. In reality, they only spurred adaptation.
A report from the underworld by a self-described darknet-dwelling cypherpunk known as "The Real Smuggler" reveals the next generation of those aforementioned "drop gang" markets. Today's "darkweb markets" don't really occur on the dark web at all, but rather rely on a combination of encrypted communications platforms and public hidey-holes to shuttle information and wares among buyers and sellers.
Here's how TRS describes it: Sellers open an invite-only chat room where they advertise their wares and prices on an encrypted messaging platform like Telegram. These mainstream apps are much more accessible than the Tor-based platforms of old, allowing customers to more effortlessly peruse the day's marijuana offerings on their smartphones. It also eliminates the need to trust a platform operator. Sometimes these channels are automated by bots that answer questions on the merchant's behalf.
A sale is made. Cryptocurrency is still the payment of choice, although centralized escrow services are a no-go. Rather, drop gangs prefer careful "multi-signature transactions," which is kind of like an "if this, then that" for money. In short, the seller won't receive the funds unless some condition is met (e.g. the buyer receives the goods).
And the actual delivery? The post office is no longer unwittingly employed as a drug mule. Here is what may be most surprising about drop gangs: Sellers drop (get it?) their parcels in some public place that the buyer then retrieves. Sellers can send pictures to the buyer; some embed them with "low-cost Bluetooth beacons" for still more precise retrieval. It seems risky, but it apparently beats the alternative.
Courier lines can be tracked. Drop gangs, on the other hand, are made nimble and nested by selecting ephemeral and hidden-in-plain sight locations to asynchronously trade goods. Sellers routinely change up their drop sites lest law enforcement become wise to their comings and goings. So long as rapport is kept up among buyers and sellers, and buyers don't fear that they will be entrapped or accosted by thugs at the location (although it's not like there is physical cash on their person to nab), this more decentralized system could prove more robust than the relatively-fragile darkweb markets.
TRS's post veers into some more fanciful predictions about the future of darkweb markets. For instance, he suggests that the physical delivery could be further automated, facilitated entirely by a drone delivery system. These somewhat outlandish forecasts, plus the hard-to-believe hyper-efficiency described, has led some in the cryptography community to doubt the painted picture of a broad and sophisticated drop gang infrastructure. The hidden nature of the enterprise makes it difficult to discern its true extent.
There are trade-offs, even if drop gangs do work as effectively as described.
Tor-based networks may have been susceptible to capture, but they offered a great scale of trade. The stereotypical college stoner in Colorado ordering weed online may very well have purchased it from a seller in Eastern Europe, who may have subsequently tapped a provider in Central America. It was a global enterprise.
Drop gangs are far more geographically limited. If enough of them take off, they may come to serve a comparable customer base. But they will necessarily be more localized.
Then there are the reputational hurdles. Darknet markets' Amazon-like (and surprisingly detailed) review systems were among their most novel and useful innovations. Drop gangs have no such legible reputation system, relying instead on carefully-cultivated networks of personal trust.
The virtual veils that obscure sellers from law enforcement also obscure them from potential customers. Newcomers will find it hard to discern who is worthy of that trust and who isn't, or who might simply be an imposter. It is easy to see how officials could ensnare newbies by posing as a drop gang seller on Telegram.
Still, the fact that these arrangements exist at all is a remarkable testament to human ingenuity and blinded coordination. Regardless of how one feels about the contents of the trades, the emergence of a mechanism to facilitate high-risk exchange without traditional reputational feedback is sociologically fascinating in its own right.
Drop markets also shed light on the eternal dance between agents of control and technologies of resistance. Whack one mole, and another will be programmed somewhere law enforcement had not even thought to look. And this one will be craftier.
Moral debates on the content or consequences of any suppressed technology understandably dominate conversation. But contexts change. One may today cheer the shuttering of drop gang infrastructure to combat the menace of drug addiction. But tomorrow that same system may be a last ditch hope for a fake travel documents to escape an authoritarian regime. Whatever the case, the technologists will always be working towards an exit.