From Crpyto-Vanguard to Criminal Mastermind – Before DNMs, There Was Paul Le Roux

“With his imposing 350-pound physique, anvil-shaped forehead, and blue-black eyes that gleam like lit cigarettes, [Le Roux] strides into a room and takes command, projecting the menacing gravitas of an absolutely powerful medieval monarch, a Gilded Age robber baron, or a Wagnerian antihero.”

― image from the cover of “Hunting LeRoux” by Elaine Shannon and William Morrow

Before the Iranian arms dealing, African gold smuggling, and North-Korean meth dealing, a criminal portfolio built upon the foundation of an internet pharmacy empire netting tens of millions of dollars a year, Paul Leroux’s beginnings can be traced back to the 1990s as something of an online-privacy advocate and trailblazer in the development of encryption software.

Born in present day Zimbabwe (then called Rhodesia) on Christmas Eve, 1972, at the age of 12 (in 1984), LeRoux’s adoptive parents relocated their family to South Africa, hoping, in part, to find better schools for their prodigiously intelligent son.

During his teens, LeRoux was given his first computer and was instantly captivated by it. From that point on, he was “always holed up in his room.” Soon later, when he was 15 or 16, local police raided the family home and arrested him for selling pornography. Not long after, LeRoux, hating the idea of learning Afrikaans, which he considered a dead language but was nonetheless a requirement in South African schools, dropped out altogether and enrolled in a local trade school’s programming course.

At the age of 17, following a family trip to Disney Land in the United States, LeRoux informed his parents upon returning home that he was leaving. Eight months later, he headed for the UK. From there he moved to Virginia Beach in the United States and then followed a girlfriend to live in Australia. It was during his time in Australia, that the author of an excellent series LeRoux in The Atavist Magazine was able to trace his “faint digital trail” back to old message boards from the 1990s.

A troll by any account, often writing outrageous things just to get a rise out of other forum members ― “All of Australia could disappear into the Pacific and the only difference it would make to the World is that the Americans would have one less pussy country to protect” ― LeRoux was also a prolific poster in encryption forums.

Sure enough, it turned out that in 1997, LeRoux had started building the E4M (Encryption for the Masses), software that allowed users to encrypt their hard drives and hide the existence of encrypted files, releasing it as freeware and offering additional tailored services for pay two years later in 1999.

LeRoux’s E4M website included a manifesto, reading in part: “The battle for privacy has long since been lost in the real world. As more and more human activity becomes computerised, governments are scrambling to preserve and extend their powers. Strong Encryption is the mechanism with which to combat these intrusions, preserve your rights, and guarantee your freedoms into the information age and beyond.”

From here LeRoux’s E4M software laid the foundation for the development and initial release of TrueCrypt in 2004, which for years after was considered “the most powerful and reliable encryption solution available.” It is widely speculated that LeRoux himself created TrueCrypt as well, though it has never been verified.

From here, LeRoux headed down a more nefarious path.

Modern Crime Family

New eras often spawn new opportunities and alliances. The cartels of the last few decades and the gangs and mafias before them are all products of the means and possibilities unique to their respective ages. Paul LeRoux personifies a new era of organised crime more grievous and chaotic than any preceding it. An alliance between what Silicon Valley calls “digital nomads” and highly trained ex-military mercenaries looking for private work is “a quantum leap,” as one agent phrased it in an interview with Vulture. “It is not an additive increase of capabilities — it is a quantum, quantum step.”

The cartels for instance, he explains are “still an industrial enterprise — farm to arms. Someone’s gotta grow the coca leaves, process it, move it. It’s all discoverable, it’s all vulnerable. It’s locked to physical places. It’s dependent upon a fabric of loyalty to keep people in place. Paul LeRoux blows all of that away. There’s nothing. There’s just the man and a bridge chair, and an empty penthouse with a laptop.”

Through this enterprise, LeRoux became something of a progenitor to dark net vendors everywhere and, according to Evan Ratliff, the author of a book about LeRoux called “The Mastermind,” he could have probably stopped there and eventually been considered a trailblazer in telemedicine as well.

But driven by audacious criminality, he didn’t stop. He went dark, into the pit of a criminal underworld that enables terrorism and influences war. “LeRoux was Silk Road before Silk Road was cool. These guys were well ahead of the curve. LeRoux was so far ahead of the curve. He identified the ungoverned spaces. He identified the chaos [of those spaces,]” as another agent put it.

Through mercenary alliances, modern technology, and complete disregard for right and wrong, LeRoux was able to avoid detection by decentralising the business of organised crime as he commandeered a vast, worldwide enterprise, from narcotics and arms to timber and gold smuggling. He incorporated the entrepreneurial “move fast and break things” spirit of Silicon Valley like a Jeff Bezos of the Underworld.

Some of the most sensational revelations have been uncovered in the form of transcripts of conversations recorded by federal agents over wiretaps of one of LeRoux’s close associates, a mercenary named Hunter:

“Hunter: When we did it, we did it all. We, we hand grenaded, threw it, hand grenaded the

people’s houses. We ah… not kidnapped a guy, but we conned him to come with us. We

put him in the ocean, shot at him; he gave us the money back ah… assassinated people…”

“One time I went to Sri, Sri Lanka to buy hand grenades. We have guys in Somalia buying

weapons that are making an arm… they were. They was making a army in Somalia

because we were gonna invade an island; Maldives just… You can’t make it up.”

Two anonymous sources detailed in an Atavist article by the same author as “The Monster” novel describe the Somalia deal in more detail:

In 2009, LeRoux had a contact in Somalia gather a team to build a militia at the height of the sea-piracy debacle going on there at the time. They provided militia-members with uniforms, vehicles, and armed them with heavy weaponry, such as AK-47s and grenade launchers, in what one source believes was a plan to establish a base on the shore of Somalia and sell protection to shipping companies from Somali Pirates.

As soon as that failed, LeRoux had the same contact in Somalia set up another front operation and began importing millions of dollars’ worth of farming and greenhouse equipment from all around the world with plans to begin the cultivation of hallucinogenic plants and start manufacturing cocaine.

Eventually, LeRoux learned he had been overpaying his militia men from the previous endeavor twice the going rate for that type of work. He blamed his main contact there, cut his losses and gave up on Somalia all together. The locals eventually raided the compound and stole all the weaponry, killing one of LeRoux’s ex-associates in the process.

“He blew up with his main guy over 150 bucks a person” one of the sources intimated. “That is so Paul.”

Elaine Shannon, author of the book Hunting LeRouxlikens him to a psychopath when she describes the way he sold weapons technology to the Iranian government and worked for years with them on a precision missile project, which, had it ever been completed, would have almost certainly shared with terrorist proxies such as Hezbollah and Hamas, who could in turn have used said technology to outmaneuver Israeli missile-defense systems, decimating the country, along with Sunni-Arab nations in the Persian Gulf region, and American bases in those areas as well. The result of which would not only be unfathomable death and destruction, but complete destabilization in many parts of the world as well.

“[A] door into the ratlines into North Korea, the ratlines into Iran, the ratlines into the mercenary world.” Through him, Shannon says she can tell us what it’s like to be in this modern era of organized crime.

“He wanted to destroy a lot of the world,” she says. One can’t help but juxtapose LeRoux in this light to the “The Dark Knight’s” Joker. Maybe he just wanted to watch the world burn.

Pill Mills

Whatever the case, his entire criminal enterprise was built off the profits of illicit online pharmacies, an industry that LeRoux had begun to revolutionize by the mid-2000s, when a number of “pill mills” started popping up online. These were websites that allowed American citizens to obtain prescription medications by filling out questionnaires about their medical history and symptoms, then picking a drug of their choice. The questionnaires would be sent to a US doctor working for one of the pill mill’s subsidiaries who would then write a prescription and send it off to a pharmacy, also contracting with a subsidiary, to be filled and shipped to the customer.

The most prolific, and quite likely the very first, of these pill mill operations was run by LeRoux, a massive network of websites with names like Cheaprxmeds.com, allpharmameds.com, buymedscheap.com, etc. These websites operated under company names like RX Limited and Alpha-Net.

In addition to facilitating prescription drug operations, RX Limited also operated a sophisticated marketing strategy utilizing a number of these domains to relentlessly spam any e-mail address they could find and recruit outside affiliates who received commissions for driving more users to RX Limited’s websites. ISP’s and e-mail providers blocked the domains often, but as soon they did, another purchased from registrars like GoDaddy would replace it and continue the process.

Purchasing domains from public registrars became problematic overtime, in large part due to the efforts of a former White House aide on Drug Policy, John Horton, who began making waves with LegitScript, a service aiming to rein in the now rampant illicit pharmacy enterprises operating online, by accusing Domain Name Registrars doing business with them of being safe havens for internet drug rings.

In response to this problem, LeRoux eventually launched his own registrar, called ABSystems, allowing him to generate countless web addresses exclusively for RX Limited at virtually no cost. This not only made ABSystems one of the most notorious and perseverant spammers online at the time, but by 2012, LegitScript estimated that ABSystems and one other registrar, Internet.bs, accounted for more than half of the world’s illicit online pharmacies.

RX Limited in particular “specialized” in the supply of two non-narcotic painkillers, Fioricet and Ultram (tramadol), and the muscle relaxer, Soma (carisoprodol), as well as the generic equivalents of all three. This network of sites contracted with multiple US pharmacies, at its peak serving thousands and netting tens of millions of dollars per year.

One Kentucky pharmacist who contracted with RX Limited, for instance, filled more than 700,000 prescriptions ― over $25 million worth ― from 2007 to 2012. The incentive for pharmacists was a $4 processing fee for each prescription filled and shipped. (Many of these pharmacists were eventually prosecuted and jailed.)

Over time, LeRoux himself made hundreds of millions of dollars operating these pill mills. The brunt of his finances was handled in Hong Kong, from where he would use the illicit funds to purchase precious metals, such as gold bars and diamonds, which were kept in an assortment of houses and condos owned by him, until eventually being shipped to the Philippines, where LeRoux was living at the time. They were held in safe-keeping, guarded by a full-time security detail. “A constant influx of money turned into gold,” as one of his associates described it. Others would say later that they were convinced LeRoux was a billionaire.

The DEA began launching a number of operations targeting illicit online pharmacies around 2007: Operation CyberRx, Operation Baywatch, Operation Lightning Strike, etc. Some to dismantle the pill mill websites themselves, much like Operation Bayonet, which brought down Alphabay and Hansa on the dark web years later, and others targeting the proprietors of these industries, such as LeRoux, themselves. Which, much like the way agents will investigate DNM vendors, often began with agents making controlled buys from those websites to investigate.

It would be years yet before they managed to catch him, as agents began to untangle the complex trail of names, pseudonyms, credit card statements, shipping records, banking records, e-mails, and the myriad shell companies attached to them all around the world. As one agent explained, in part: tracing “the FedEx account and who opened that, and various email accounts, various affiliate programs—finding out who the affiliates were, who is paying those people—finding out where the servers were.”

Agents found, for instance, that roughly 100 pharmacies around the country were shipping drugs under the same FedEx account, the FedEx account lead agents to the pharmacists, then one of those pharmacists ended up being connected to some of RX Limited’s credit card processing operations in the US, and the trail goes on. Slowly but surely, the whole thing began to unravel for LeRoux from there.

By 2009, agents had gathered enough info on LeRoux to earn him a spot as one the Department of Justice’s (DOJ) top targets on the U.S. Attorney’s Consolidated Priority Organization Target List (CPOT). A list usually reserved for the most “prolific” international drug traffickers, such as Joaquin ‘El Chapo’ Guzman, LeRoux became the first person to be put on the list for prescription drug trafficking alone.

Elusive and cunning, all this and agents still had no photo of him at the time.

Federal law finally caught up with the online pharmacies though, adding more hurdles for the industry. FedEx refused to continue doing business with RX Limited or affiliated companies, then, in 2011, the DEA declared Soma a controlled substance, and the US Government illegalised the distribution of it across state lines ― effectively dismantling a third of LeRoux’s business overnight.

LeRoux’s CPOT status gave federal agents special wiretapping powers against him, all the while hoping to eventually catch him slipping, as they watched his empire crumble, the feds were, as of yet, unable to get LeRoux on the phone.

This changed soon after a string of former associates began informing to federal agents on LeRoux. Two decided to go to authorities, fearing that he was planning to have them killed, and another in retaliation for LeRoux using his name on business registrations without permission.

These informants got law enforcement close enough to LeRoux that he began to feel the heat. Living in the Philippines for some time now, he had been paying off high and low level law enforcement in the country, and it is likely that someone in their ranks tipped him off.

Brazil has unique laws, refusing the extradition of Brazilian citizens into the custody of other nations, and in most cases, non-citizen parents of Brazilian children as well. So LeRoux, in a rather absurd scheme to avoid extradition, fled to Rio de Janeiro, found a Brazilian mistress, bought her an apartment, and fathered her child.

What LeRoux did not realise was that Brazil also has weak privacy laws that provided DEA agents with an unexpected advantage. For several weeks, they could obtain an “informal” wiretap, and use the information from that wiretap to justify further surveillance later on.

All they had to do now was have one of their informants get him on the phone, once that happened, the taps started to flow, providing invaluable information. Notably, that LeRoux was scrambling to have associates in Hong Kong start liquidating his gold assets as quickly as possible, this allowed the DEA to put Hong Kong Police on his associates’ trail, eventually arresting many of them and seizing as many of LeRoux’s assets as possible.

At this point, LeRoux decided on a new plan: to sell 200 kilograms of cocaine to a buyer in the South Pacific. Unbeknownst to him as he made these plans, of course, DEA agents in Brazil were listening in the whole time.

Also unbeknownst to LeRoux was that this decision, coupled with his past arms dealings in the Philippines and Somalia, would officially label him a narco-terrorist, a designation derived from the DOJ’s assertion that certain drug traffickers constitute a security threat to the United States and has allowed the DEA to expand its operations around the globe.

Meanwhile, needing to get LeRoux out of Brazil and into a country they could easily extradite him from, the DEA had set up its own deal undercover. They used an informant and trusted LeRoux associate to set up a trade-off of meth-precursors for cocaine between him and a Colombian cartel leader turned DEA informant in Liberia. He took the bait.

As Elaine Shannon explains, when Liberian law enforcement turned him over to the DEA, the 300+ pound LeRoux dropped like a dead fish, refusing to cooperate as they dragged him onto their plane.

“Well played gentleman,” he said, once they got him on, “and now you want something bigger don’t you?” “No?” They said. “Bigger? What’s bigger?”

“Nation-states, gentleman,” LeRoux replied.

He was ready to delve into those ratlines: Iran-military-industrial complex, North Korean military-industrial complex, Chinese Triads. But first on the list was his own industrial-complex. His capture was kept secret while he contacted his associates from Federal custody, aiding agents in the dismantlement of his very own criminal empire. He’s still in custody today, helping secure lifelong sentences against some of the very criminals he created, and for all the cooperation he’s provided, LeRoux stands to receive a sentence as little as 10 years once everything is all said and done.

Advertisements

0 comments on “From Crpyto-Vanguard to Criminal Mastermind – Before DNMs, There Was Paul Le Roux

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: