Terrible pirate drowned due to leaking captcha

As you may remember, in October 2013 the FBI closed Silk Road and found its administrator, Ross William Wilbricht. Many people speculated how it could turn out how such a serious person could so easily de-anonymize.

Everything turned out to be extremely simple: Ross did not set up his server to access the normal Internet through Tor (requests to the Internet went directly), and the captcha that was used on the login page loaded data from the Internet, thus revealing not only the fact of showing a captcha, but also The IP address of the server where Silk Road is hosted.
')
This is what the feds say:

The leakage of the IP address that we discovered was done through the login page interface. During the investigation of the packets sent, an IP address was found that does not belong to any known Exit-node. This IP address (“suspected IP address”) was the only non-Tor IP address.

This IP address has interested us. If the hidden service is configured correctly, then the outgoing IP address of the server must belong to the address of one of the Tor nodes, and not disclose the real address of the server, for which Tor was made. When I tried to open this IP address in a regular (non-Tor) browser, I saw how part of the Silk Road login page (captcha entry page) opened. Based on my experience and skills, this means that this IP address belongs to the Silk Road server, and it “leaked” because the code responsible for the login page was not configured to use Tor.

Dread Pirate Sunk By Leaky CAPTCHA @ krebsonsecurity.com