Earlier this year, the US Department of Justice announced the sentencing of Anurag Pramod Murarka, aka “ElonMuskWHM,” the mastermind behind a sprawling dark web-based money laundering scheme responsible for moving over USD 24 million in illicit funds linked to drug trafficking, hacking, and violent crime. The sentencing—121 months in federal prison—marked the culmination of a multi-year investigation led by the FBI, with critical support from the US Postal Inspection Service.
Murarka, an Indian national, operated a cash-for-crypto laundering service primarily via darknet markets White House Market and Dark0de Reborn, as well as the peer-to-peer platform LocalMonero. His pitch was simple but potent: users could send bitcoin and receive cash via U.S. Postal Service Express or Priority Mail, often within days. At its height, the service advertised capacity to send up to $1 million per week in cash.
What makes this case particularly notable—and a model for threat-finance enforcement—was the FBI’s long-game approach. Murarka was first arrested when he traveled to the US for medical treatment, but instead of immediately shuttering the operation, agents continued running the laundering service covertly for over a year. This allowed the FBI to gather intelligence on customers across multiple illicit ecosystems and follow the money upstream. Agents tracked transactions tied to drug trafficking, stolen crypto, and even proceeds from armed robbery.
A critical pillar of the investigation was the use of blockchain intelligence to trace illicit funds. Agents followed the flow of cryptocurrency from undercover transactions conducted by the FBI and US Postal Inspection Service through a network of intermediary wallets and ultimately to accounts controlled by Murarka and his co-conspirators. These transactions—initially anonymized using peer-to-peer platforms and darknet interfaces—left immutable records on public blockchains, which investigators mapped in detail. Blockchain intelligence confirmed that Murarka was not only facilitating cash-for-crypto swaps but was also mixing funds from different criminal sources—drug proceeds, hacking, and theft—into a single laundering pipeline.
This analysis helped establish the scope of the conspiracy and tied specific wallet activity to WhatsApp and Telegram communications identified through pen registers and device data. As the investigation progressed, the blockchain became a real-time map of criminal cashouts, revealing not only how Murarka moved money but also when and where his network operated. This case shows how blockchain intelligence is not just a tool for tracing—it’s a gateway to attribution that allows law enforcement understand networks and to convert pseudonymous transactions into actionable leads.
Murarka’s courier inside the US was flipped into a confidential informant, revealing critical operational details. The laundering operation relied on a layered tradecraft system for in-person cash pickups. Murarka, operating under the Telegram handle “nomorehardwork,” required couriers to send him photos of specific dollar bills. Those serial numbers were then forwarded to buyers, who verified the exchange using the same bills—creating a three-point authentication system across WhatsApp and Telegram, without ever meeting face-to-face.
Using pen register and trap-and-trace data, agents linked this operation to multiple Indian phone numbers and devices. One of the most pivotal moments in the case came from digital forensics and cloud surveillance. Investigators traced crypto from undercover buys directly to wallets controlled by Murarka. His WhatsApp account—tied to the number +91 9867615027—showed a consistent post-drop communication pattern: couriers would send confirmation images to an intermediary, who then passed them to Murarka, verifying the exchange had occurred.
To unmask his identity, agents cross-referenced this WhatsApp number with Indian visa records, which tied the number to Murarka’s real-world identity and his role as CEO of an Indian geospatial firm. From there, they identified an Apple ID linked to the same number and obtained a sealed search warrant for Murarka’s iCloud account. Data extracted included messages from Telegram, WhatsApp, and Wickr detailing cash exchange logistics, screenshots of receipts, and location data placing him at the scene of key operations. Apple records confirmed he was using multiple iOS devices to run the laundering network.
In total, agents documented over USD 24 million in laundered funds across hundreds of transactions over two years. During the takedown, agents seized roughly USD 600,000 in cash from Murarka’s U.S. accomplice, along with device backups containing communications with hundreds of clients.
“Using the internet, the defendant provided his assistance to countless other criminals as they tried to conceal their stolen money and illegal drug proceeds,” said U.S. Attorney Carlton S. Shier IV. The case, he added, “highlights the global scope of cybercrime, as well as the demand for diligence and collaboration in fighting money laundering.”
This case reflects the very best of coordinated, intelligence-led law enforcement: combining blockchain forensics, digital surveillance, undercover operations, and international cooperation to penetrate one of the more sophisticated dark web laundering schemes in recent memory. As DOJ shifts its focus toward threat actors—not institutions—and emphasizes precision enforcement, this case is a model for what modern crypto investigations should look like.
Access our coverage of TRON, Solana and 23 other blockchains
Fill out the form to speak with our team about investigative professional services.
