Excerpts From Ross Ulbricht’s 2013 Journal

4 minute read

Posted by: DeepDotWeb

January 23, 2015

All Excerpts by Gwern – (Source: Reddit)  – The full document is available at the bottom of this post:


  • been slowly raising the cost of hedging
  • orgainzed local files and notes


  • server was ddosed, meaning someone knew the real IP. I assumed they obtained it by becoming a guard node. So, I
  • migrated to a new server and set up private guard nodes. There was significant downtime and someone has mentioned
  • that they discovered the IP via a leak from lighttpd.


  • being blackmailed with user info. talking with large distributor (hell’s angels).


  • commissioned hit on blackmailer with angels


  • got word that blackmailer was executed


  • a distributor of googleyed is publishing buyer info
  • mapped out the ordering process on the wiki.
  • gave angels access to chat server


  • made sure backup crons are working
  • gave angels go ahead to find tony76
  • cleaned up unused libraries on server
  • added to forbidden username list to cover I <-> l scam


  • sent payment to angels for hit on tony76 and his 3 associates
  • began setting up hecho as standby
  • very high load (300/16), took site offline and refactored main and category pages to be more efficient


  • some vendors using the hedge in a falling market to profit off of me by buying from themselves. turned of access log
  • pruning so I can investigate later. market crashed today.
  • being blackmailed again. someone says they have my ID, but hasn’t proven it.


  • set up tor relays
  • asked scout to go through all images on site looking for quickbuy scam remnants
  • cimon told me of a possible ddos attack through tor and how to mitigate against it.
  • guy blackmailing saying he has my id is bogus

…04/21 – 04/30/2013

  • market and forums under sever DoS attack. Gave 10k btc ransom but attack continued. Gave smed server access.
  • Switched to nginx on web/db server, added nginx reverse proxy running tor hs. reconfiged everything and eventually was able to absorb attack.


  • Attack continues. No word from attacker. Site is open, but occasionally tor crashes and has to be restarted.


  • helping smed fight off attacker. site is mostly down. I’m sick.
  • Leaked IP of webserver to public and had to redeploy/shred
  • promoted gramgreen to mod, now named libertas


  • attacker agreed to stop if I give him the first $100k of revenue and $50k per week thereafter. He stopped, but there appears to be another DoS attack still persisting.


  • paid $100k to attacker


  • paid the attacker $50k


  • rewrote orders page
  • paid attacker $50k weekly ransom
  • $2M was stolen from my mtgox account by DEA
  • added smed to payroll
  • rewrote cart page

… 05/31/2013

  • $50k xferred to cimon


  • someone claiming to be LE trying to infiltrate forum mods


  • loaning $500k to r&w to start vending on SR.


  • put cimon in charge of LE counter intel

…06/05/2013 – 09/11/2013

  • …[redacted] did an interview with andy greenberg from forbes where i said i wasn’t the original DPR, went over well with community [redacted]…r&w flaked out and disappeared with my 1/2 mil…similarly cimon has been working on the mining and gambling projects, but no results forthcoming. created Anonymous Bitcoin Exchange (ABE) and have been trying to recruit tellers. the vendor “gold” is my best lead at the moment. nod is an H dealer on SR who says he has world class it skills and I am giving him a chance to show his stuff with ABE….


  • Got a tip from oldamsterdam that supertrips has been busted. [redacted]

09/11 – 09/18/2013

  • could not confirm ST bust. [redacted] …


  • red pinged me and asked for meeting tomorrow.

09/19 – 09/25/2013

  • red got in a jam and needed $500k to get out. ultimately he convinced me to give it to him, but I got his ID first and had cimon send harry, his new soldier of fortune, to vancouver to get $800k in cash to cover it. red has been mainly out of communication, but i haven’t lost hope. Atlantis shut down. I was messaged by one of their team who said they shut down because of an FBI doc leaked to them detailing vulnerabilities in Tor.

Many interesting points here:

  • The Atlantis mystery seems to’ve been resolved. They had no reason to lie to DPR that I can think of.
  • We know Supertrips had been busted
  • DPR was paying out an astounding amount in ransoms and whatnot
  • The IP was leaking all the time
  • The Redandwhite story gets more and more insane.It’s possible that it will feature in testimony. It would be interesting if ‘Brian Shaw’ turned out to be cimon’s guy…
  • Cimon failed utterly at his job of ‘LE counter intel’; why did he get paid $50k? (Bonus points: he was being paid it not long before the UC.)
  • Emailgate
  • Several entries are echoed in DPR’s spreadsheet: the cimon payment, the RAW loan, the Mtgox theft


Updated: 2015-01-23