After seizing Flugsvamp 2.0, law enforcement in Sweden announced the identification “many” of the marketplace’s 17,600 users. Swedish authorities have already arrested some of those users, according to a recent press release. Both buyers and sellers are currently under investigation.
On February 12, law enforcement in Sweden announced the seizure of Flugsvamp 2.0. The Flugsvamp 2.0 investigation–called Operation Incognito 2–involved support from law enforcement in more than 25 countries and has been running for two years now. During the investigation, Swedish authorities successfully identified “many” of the market’s 17,000 customers and 600 vendors. Police have now arrested 14 suspects in connection with the case for alleged drug or money laundering crimes.
Authorities arrested the market’s administrator in September 2018 but only recently started arresting users of the market. The announcement covering the arrests revealed very little information about the arrests or about Operation Incognito 2. It did emphasize that even buyers were a target for investigators. Police are currently analyzing data from the seized Flugsvamp 2.0 server(s) in “hopes of being able to identify more buyers and sellers.”
“Today, there are tools and methods for identifying people who commit crimes on the darknet. You cannot be anonymous,” one official said.
Björn Eriksson, detective inspector at the National Cybercrime Centre and the person in charge of the investigation:
“Many people think that darknet is a hidden part of the internet where crimes can be committed anonymously and with impunity. They are completely wrong. We have developed our capabilities, and you cannot feel secure on hidden sites even when the criminal schemes are very advanced.”
There is a post on Dread by /u/GuidedByVices titled “Discussion: OpSec Lessons from the Flugsvamp 2.0 Bust” that covers some of the interesting elements of the investigation. It builds off documents hosted by Gwern. (And here is the full size seizure banner.)