bellingcatRussian - English - Français - Espagnol - Deutsch
Bellingcat est un groupe international indépendant de chercheurs, d’enquêteurs et de journalistes citoyens utilisant à la fois enquêtes open source et réseaux sociaux ▷ BELLINGCAT FRANÇAIS
Between February 2022 and September 2025, Bellingcat staff and volunteers collected, geolocated, and shared more than 2,500 incidents of civilian harm following Russia’s full-scale invasion of Ukraine. As part of this effort, Bellingcat tested a new machine learning model intended to rank Telegram social media posts on their likelihood of containing incidents of civilian harm. […]
Between February 2022 and September 2025, Bellingcat staff and volunteers collected, geolocated, and shared more than 2,500 incidents of civilian harm following Russia’s full-scale invasion of Ukraine.
As part of this effort, Bellingcat tested a new machine learning model intended to rank Telegram social media posts on their likelihood of containing incidents of civilian harm.
This novel methodology dramatically reduced the search and selection time required, freeing researchers to focus on verifying incidents of civilian harm – not just searching for them.
This piece documents our methodology, ethical considerations and lessons learned in the hope that others researching similar topics can benefit from our work.
Open source research into civilian harm is still a relatively new field and it presents many challenges – one of the biggest is organising and sorting through the huge volume of user generated content being produced to find what is relevant.
Machine learning, a form of artificial intelligence that uses algorithms to identify patterns from large amounts of data and make predictions, can make this task more efficient.
With ongoing conflicts involving large amounts of civilian harm occurring in Sudan, and much of the Middle East, this guide aims to offer those covering these conflicts an example of how machine learning can be used to help find and sort incidents. You can also access the Code Notebook for our model here.
We defined “civilian harm” not just as civilian deaths or injuries resulting from armed conflict, but also the broader and delayed effects on civilians from mental trauma, loss of livelihood, displacement, destruction of infrastructure and more. This definition was informed by the Protection of Civilians bookon civilian harm.
Initial Telegram Dataset
Each Telegram post containing civilian harm which had already been manually verified by researchers was used to build an initial dataset of confirmed cases of civilian harm, which data scientists call positive instances. We collected a total of 5,848 unique URLs for these Telegram posts. For our manual collection we reviewed posts on relevant Telegram channels, working through oldest to newest posts each day. Assuming that a given post made it to our geolocated incidents list, it meant the researcher who flagged it also looked at the posts that appeared before and after it on Telegram and did not flag those ones, so we selected the 10 posts surrounding the verified civilian harm post as our additional dataset of posts that did not contain civilian harm. After excluding any deleted or duplicate posts, we ended up with 48,545 non-civilian harm posts, our negative instances.
Support Bellingcat
Your donations directly contribute to our ability to publish groundbreaking investigations and uncover wrongdoing around the world.
The choice to overrepresent negative instances aims at better reflecting the real world and increasing data available for model training.
We enriched each URL with metadata from the Telegram API, such as the time of publication, reactions or textual content. As some of these posts had been deleted, we completed the missing data points with previously preserved versions from our Auto Archiver database, only available for the positive instances.
Feature Engineering
Training a machine learning model requires numerical data, as these models compute a prediction score based on mathematical operations.
We built these by converting raw data from our initial dataset, such as keywords signalling potential civilian harm, into numerical scores (or “features”) that the model could interpret, with the aim of increasing the model’s ability to identify patterns. This process, known as feature engineering, can significantly improve model results because it allows data scientists to suggest explicit context knowledge.
A full list of features we used to train the model can be found in the code notebook accompanying this piece. Many features were directly inspired by researchers’ input from their experiences manually screening cases of civilian harm by sorting through a set number of Telegram channels and inspecting each post individually.
Several of the features used were directly built from the metadata contained in each Telegram post including media_type, day_of_week; or binary ones: forwarded, edited andreply_to.
Other features included engagement information: views, forwards, total_reactions, and even individual features for most used emojis including the reaction_crying_face to count emoji.
Converting Text to Numbers
To embed the experience from the manual collection process, researchers put together a list of keywords both in Ukrainian and Russian that, to them, signalled posts likely to show civilian harm. For instance, “Шахед” and “КАБ” translated to “Shahed” and “Guided aerial bomb” respectively. We created a numerical feature to count their frequency.
In addition, we included several generic English-language keywords which meaningfully signalled potential civilian harm, such as “injured”, “school affected” and “hospital affected” that were only used for generating semantic similarity scores.
A semantic similarity score is a calculation used to determine the proximity in meaning between different words and phrases. To get the semantic similarity between the post text and each of our keywords, we represented each in a list of numbers via a Sentence Transformer model, which converts words into numerical representations called vectors that a computer can understand.
We then calculated the level of similarity between each vector using cosine similarity, one of the most popular methods for measuring similarity between two pieces of text.
Due to how embeddings work, this calculation results in a figure on a scale from -1 (no semantic proximity) to 1 (same meaning). For example, the words “hurt” and “injured” would have a high similarity score, while “residential” and “injured” would have a negative score as the words are not semantically similar.
Finally, to enable the model to identify the relevance of each post to civilian harm in Ukraine, we used a multilingual text transformer from the BERT family of language models to represent the entire post’s text as a vector of 768 numerical values. This model can efficiently represent text from many languages in a way that captures meaning: the same sentence in different languages will generate similar embeddings, and trained machine learning models can detect patterns in the embeddings.
It is important to note that for this initial prototype of a civilian harm detection model, we did not include any features derived from media content such as photos and videos, although that would be a logical next step in attempting to improve model performance.
Selecting, Training and Evaluating Models
With 54,393 rows of 893 numerical features each, we selected four machine learning algorithms to train our predictive models.
We chose Logistic Regression as a baseline algorithm due to its simplicity. We also selected three other “best in class” models, Random Forest, XGBoost, and LightGBM. These choices centred on the interpretability of the models and their ability to work on tabular data of this size. For example, we avoided neural networks due to a lack of interpretability and because those models work best with a larger dataset.
To genuinely assess the performance of the trained models, we split our dataset into three parts:
A training set – the data the models were trained on (60 percent of the full dataset’s rows)
A validation set – used for an intermediary evaluation when tuning model parameters (20 percent of all rows)
A test set – hidden for the final performance assessment, so the models were evaluated on unseen data (remaining 20 percent of rows)
We used a stratified split to divide the dataset instead of a random split. This method ensured the proportion of positive instances (i.e. confirmed cases of civilian harm) remained consistent across all three sets at about 11 percent.
To measure the performance of machine learning models, we ran them through the test set and measured the number of correct and incorrect predictions. Models output a likelihood between 0 and 1 that each Telegram post contains civilian harm, and we tried to find a cut-off threshold that leads to a good balance between flagging almost every post (0.1) or flagging very few (0.9).
There are two main types of evaluation metrics to gauge a model’s prediction power. Recall asserts what fraction of positive instances (i.e. known civilian harm posts) were correctly flagged as such. Precision measures the fraction of posts flagged as civilian harm that are indeed civilian harm posts.
During the training phase, we tuned the models to maximise average precision (PR-AUC), a metric that summarises precision across all recall levels. While this method also accounts for precision, it prioritises recall, which is preferable for this use case as it steers model selection to reduce the number of civilian harm posts that are skipped.
The following table sorts models from best to worst PR-AUC against a baseline of a coin-flip predictor. ROC-AUC and F1 are two other evaluation metrics included as sanity checks. Simply put, ROC-AUC measures the probability of ranking two instances, one negative and one positive, correctly; F1 balances precision and recall equally and its best cut-off threshold value.
Model test scores comparison, XGBoost stands out in every relevant metric evaluated.
From these results, we selected XGBoost as our final model as it had the best scores when compared across all metrics.
Interpreting the Model
Because these models are interpretable, we can understand which features are the most useful when predicting whether a post includes civilian harm. The above table shows the top 10 features that most strongly signal the XGBoost model to make a decision:
semantic_keywords_similarity: the semantic proximity between the post text and manually selected keywords “casualties”, “damage” and “civilian harm”
bert: the model was able to discern meaning from the text with the same strength as some of the other features in this list – there are three cases of this in the top 10
reaction_crying_face: reactions with crying face emojis on the post
group_of_messages: whether a post contains multiple media files
keywords_in_text: the number of custom Ukrainian or Russian keywords in the post
These results generally tally with what you might expect when selecting Telegram posts for instances of civilian harm, including that posts that generate a lot of emotional engagement and posts using keywords about civilian harm were among those most likely to contain content related to this topic. Not all models had the same top features as XGBoost. In fact, for the Random Forest model the most important feature was the number of crying face emojis present in a post, a soft pattern highlighted by researchers when this methodology was first imagined.
LLM Results and Comparison
Retroactively, we decided to run a sample of the same test dataset through different large language models (LLMs) to gauge their ability to make these same predictions.
We aimed to include an LLM-generated score as an extra feature for our trained models, which would be captured as relevant if it correlated with the correct predictions.
To start, we selected two local models, the 1B and 4B variants of Gemma 3 from Google DeepMind, and two cloud-hosted models, Gemini 2.5 flash and Gemini 3.5 flash. With this selection, we hoped to compare results across a wide range of models’ expected performance.
We generated a 400-row stratified sample (preserving the same proportion of real civilian harm instances) from the test dataset used for the custom models. For each of the four LLM models, we ran two tests: one where only the Telegram post message was sent, and another including both the message and the engineered features (excluding the text embeddings, as the model had direct access to the text). In the prompt for each model, we asked for a score between 0 and 1. We then evaluated the results as we did for the custom models.
The above table shows that LLMs can indeed extract value from the engineered features. All four LLMs surpassed the baseline Logistic Regression model in our tests, yet none of them performed better than the other custom-trained models, and XGBoost remained the one with the highest PR-AUC.
Still, Gemini 2.5 Flash performed better than its newer version 3.5 and even achieved a slightly higher best F1 score than any other model. While this is a good result, for the flagging of civilian harm posts, the PR-AUC remains the crucial metric, as it captures the model’s ability to identify infrequent instances of civilian harm while minimising false positives.
Ethical Considerations
Introducing an instrument of automated decision-making into a process of detecting civilian harm brings inherent ethical questions. These include automation bias, or how humans tend to blindly place faith in machine-generated recommendations; algorithmic bias, or how the results of these models echo the same patterns present in the training data, including under- or over-representation of types of civilian harm.
The decision to test an automated methodology for this particular project came from the fact that there were limited resources for both steps in the process – the detection of potential civilian harm and its actual verification. Historically, we built an enormous backlog of unverified incidents because a lot of time had to be spent on monitoring the most recent events so that potential evidence would be captured and preserved as soon as possible.
The automation of this process also reduced the exposure of researchers to a significant amount of unpleasant and distressing visual and text content, reducing the burden of exposure to traumatic content.
For this project, we tried to ameliorate the ethical challenges with a number of strategies including randomly flagging posts not captured by any model, monitoring which features models relied on to make decisions, and by doing historical comparisons of patterns in data.
Additionally, as stated above, for this initial prototype of a civilian harm detection model we did not include any features derived from the media content itself. In the future, it would be a logical next step in attempting to improve the model performance, to include the media from the posts – but using AI to review actual media comes with additional ethical challenges such as model bias.
Because of the opaque ownership of many LLM companies and their generative nature, the use of LLMs for an extra feature presented additional ethical challenges including privacy and safety concerns considering the sensitive nature of the data. Our model did not rely on LLMs, though we retroactively ran a sample through it.
How the Model Fits into the Bigger Picture
After selecting this model, we created a user interface where researchers could view a list of Telegram posts sorted from most to least likely to contain indications of civilian harm. The user interface was designed for quick triage and integration, where a positive confirmation from researchers would instantly send the post to the Auto Archiver (Bellingcat’s tool for preserving digital content) and then transfer it to ATLOS (our internal collaborative verification platform). Bellingcat staff and volunteers could then manually verify incidents. Researcher input was constantly stored so that this data could be used to improve the model in the future.
Preliminary feedback indicated that the AI model was useful. Not only were we able to reduce time and harm from scouring through dozens of war reporting Telegram channels, researchers also reported that the stream of new posts being added to the verification backlog were capturing real and diverse cases of civilian harm.
Despite the focus on civilian harm and Telegram (highly popular in Ukraine and Russia), this pipeline is generic and can be adapted to other conflict monitoring tasks. How easily this can be done does depend on how open the social media platform is and whether it is possible to scrape posts from it. Apart from that, it is easy to incorporate new features and data, and cheap to automatically retrain, test and deploy models as the system receives more human input.
Looking forward, sorting through overwhelming amounts of data in a conflict will continue to be challenging. Hopefully, this methodology can help newsrooms, conflict monitoring organisations, and others find the balance between ethical considerations and resources in order to carry out open source investigations on civilian harm and human rights violations.
Bellingcat is a non-profit and the ability to carry out our work is dependent on the kind support of individual donors. If you would like to support our work, you can do so here. You can also subscribe to our Patreon channel here. Subscribe to our Newsletter and follow us on Bluesky here, Instagram here, Reddit here and YouTube here.
Support Bellingcat
Your donations directly contribute to our ability to publish groundbreaking investigations and uncover wrongdoing around the world.
This article was co-published with Signal Ohio and STAT. In high school, Ashley Delgado dreamed of becoming a doctor and one day buying her father a Rolls-Royce. “She wanted to heal people,” said her father, James Taylor. She had a high GPA, Taylor added, and did especially well in science and Latin. In her mid-20s, […]
In high school, Ashley Delgado dreamed of becoming a doctor and one day buying her father a Rolls-Royce. “She wanted to heal people,” said her father, James Taylor. She had a high GPA, Taylor added, and did especially well in science and Latin.
In her mid-20s, Ashley suffered a leg injury and was prescribed OxyContin. The painkiller marked the beginning of a yearslong descent through addiction — from prescription opioids to methamphetamine, then heroin, and finally, fentanyl.
With her family’s support, Ashley spent time in a rehabilitation facility in her hometown of Cleveland, Ohio, and in recovery she moved into a sober living home. But on an early summer morning in 2023, Ashley’s body was found on a dead-end street just outside the city. One sandal was missing. Tucked inside her bra was a folded scrap of paper containing a tan powder. She was 29.
Ashley Delgado died in August 2023. Source: Supplied
“I have lost my father, my grandmother — that hurts,” Taylor said. “But when you lose your child, that’s the worst thing on the planet, because they’re not supposed to go before you.”
Toxicology tests would later show a mix of substances in Ashley’s system, including protonitazene and metonitazene, powerful synthetic opioids from a little-known class of drugs known as nitazenes. Her death was ruled accidental.
Before his daughter’s fatal overdose, Taylor had never heard of nitazenes. Developed in the 1950s as potential painkillers, the drugs never reached the market because they were deemed unsafe for medical use. He was shocked to learn they could be up to 40 times more potent than fentanyl and 500 times stronger than heroin.
Nitazenes are predominantly sold online, both on the clear web and dark web, and are often laced into other substances to increase their potency. Experts say this puts unsuspecting users seeking more common drugs, such as oxycodone, fentanyl, or stimulants like cocaine, at risk of fatal overdoses.
Left: Ashley, aged about 5, with her father James Taylor in Cleveland, Ohio. Right: Ashley and her dog, Gucci, after graduating from high school in 2012. Source: Supplied
The US Drug Enforcement Administration (DEA) started tracking nitazene-related seizures around 2014, but it wasn’t until 2019 that it saw a marked increase. Since then, federal authorities have scheduled dozens of nitazenes as illegal substances, launched undercover operations, filed indictments, and imposed tariffs on China, where many of the laboratories manufacturing and supplying nitazenes and fentanyl are known to reside.
Support Bellingcat
Your donations directly contribute to our ability to publish groundbreaking investigations and uncover wrongdoing around the world.
Yet, figures provided to Bellingcat by the United Nations Office on Drugs and Crime (UNODC) show the United States has reported 26 different kinds of nitazenes since 2019 — the second highest number globally, after Canada.
And data from the Centers for Disease Control and Prevention (CDC) on nitazene-involved overdose deaths suggest that cases continue to rise. More than 1,100 fatalities have been confirmed through the CDC’s State Unintentional Drug Overdose Reporting System (SUDORS), but experts believe the number of Americans who have died from them since 2019 could be as high as 2,000.
Alex Krotulski, the director of the Centre for Forensic Science Research and Education in Pennsylvania, told Bellingcat that deaths are underreported because nitazenes were not routinely tested for.
“There are only limited forensic toxicology labs that test for nitazenes, so if a nitazene was present and the lab didn’t test for it, the number wouldn’t appear in SUDORS,” he said. “Also, for labs that do test for nitazenes, they have missed cases prior to their testing.” The most recent years for which there is CDC data, 2023 and 2024, show they were the deadliest, with 747 confirmed deaths.
A Bellingcat investigation last year found more than 1,000 nitazenes advertisements populating online marketplaces, forums and the dark web. Source: Bellingcat
In this months-long open source investigation, Bellingcat combed through dozens of criminal court proceedings, filed national, state, and county-level Freedom of Information requests, and obtained scores of medical examiner reports to produce the most detailed account yet of how nitazenes are infiltrating US borders and destroying lives.
The investigation found that, despite efforts to curb their spread across the country, nitazenes are proliferating online. It also shows that, by the time nitazenes reach American users, they are almost always mixed with several other drugs, including methamphetamines, cocaine and, most notably, fentanyl.
As of this year, 48 of 50 US states have reported nitazene seizures.
Less Fentanyl, More Nitazenes
Fentanyl is by far the biggest opioid killer in the US. With more than a quarter of a million deaths since 2021 and about 200 fatalities a day, fentanyl is one of the country’s most urgent public health crises. But drug experts warn that nitazenes can be even more potent and are being mixed with fentanyl and other substances, creating increasingly lethal combinations.
The Faces of Fentanyl memorial exhibit, at the DEA’s headquarters in Arlington, Virginia, displays more than 7,000 photos of people who have lost their lives to fentanyl poisoning or overdose. Source: DEA
“We’re always concerned about fentanyl being mixed in with other drugs — cocaine, meth, heroin,” said Frank Tarentino, Associate Chief of Operations for the DEA’s Northeast Region. “You add nitazenes to that and it makes it exponentially more dangerous and frightening for drug law enforcement, parents, caregivers, educators, and the young.”
Data obtained from the DEA’s National Forensic Laboratory Information System (NFLIS) show reports of confirmed seizures of nitazenes rising sharply — from 43 positive tests in 2019 to almost 2,000 in 2024 (the most recent year for which figures are available). By March this year, more than 8,000 nitazene reports had been recorded since 2019. But experts said that not all laboratories can test for nitazenes — which come in many forms including powders, pills, and sprays — and many don’t feed into the NFLIS system, meaning these numbers are almost certainly an underestimate.
We asked the DEA for a breakdown of reports of nitazenes by state. Ashley Delgado’s home state of Ohio stands out. NFLIS data from 2019 to 2024 indicate that more than a third of all positive nitazene laboratory reports nationally are linked to Ohio.
Separate data from the CDC shows Ohio has also recorded the highest number of nitazene-related overdose deaths in the US since 2021. In 2020, there were just four fatalities linked to the drug; in 2021 that number rose to 90. Between 2022 and 2024, according to government data, there were 200 more deaths.
“It is a risk to our community,” said AmandaLynn Reese, chief programme officer at Harm Reduction Ohio, a non-profit that supports people who use drugs. “There’s been several instances of nitazenes being reported within the community, and I think we’re going to see more of that, especially as we’re seeing less fentanyl.”
To learn more about what was happening in Ohio, Bellingcat filed a public records request for county-level figures to the state’s Bureau of Criminal Investigation (BCI). The data shows that the counties of Scioto, Butler and Cuyahoga — areas long affected by the opioid crisis — account for almost half of all nitazene detections across the state, by weight.
In the 2000s, Portsmouth in Scioto County became known as the “pill mill capital” of America due to widespread overprescribing of opioids. More recent data continue to show Scioto with one of the highest rates of drug overdose deaths in the state. In Cuyahoga County, which includes Cleveland, drug-related mortality rates tripled the national average in 2022.
Two years ago, Ohio’s Governor Mike DeWine issued executive orders to schedule nine different nitazenes and legalised the use of tools to test for drugs including nitazenes.
The reasons why Ohio has been so hard hit are still not fully understood. “Ohio’s geography has long been a suspected contributing factor,” said Erin Reed, director of RecoveryOhio, a statewide initiative coordinating Ohio’s response to addiction. The organisation cited a 2001 article pointing to Ohio’s unique geographic and infrastructural features — including vast land, air and sea transportation networks — as key reasons for the state being a hub for drug trafficking.
Local organisations like Harm Reduction Ohio are pushing for more drug-checking services, education, and greater accessibility to testing strips and life-saving medications like Naloxone, a drug that is used to reverse an opioid overdose. “People are going to use drugs,” Reese said. “We don’t know the supply, but those are ways you can engage in your drug use to increase safety and reduce harm.”
Dealer’s Choice
Bellingcat obtained medical examiner reports from Cuyahoga County for all nitazene-related deaths in 2023 and 2024, which provide an insight into how the drugs are being consumed. The autopsy records show that 45 people — 31 men and 14 women aged 29 to 72 — died after taking nitazenes over the two-year period. Among them were university graduates and former athletes, an Army veteran, an ironworker and an addiction counselor.
Just before Christmas in 2024, a young man from Cleveland died after taking drugs that included etonitazene. A couple of weeks earlier, the body of an elderly woman was found in her home after she ingested drugs that included metonitazene and protonitazene. In the summer, a mother of two children in her thirties consumed a similar lethal mix. All except one of the 45 deaths was ruled accidental.
And in every instance, nitazenes were detected alongside fentanyl, and often with a cocktail of other drugs such as heroin, cocaine, methamphetamine and benzodiazepines. The reason for this wide variety, Tarentino, the DEA agent said, is that dealers often mix nitazenes into other drugs to make them more powerful and addictive, and ultimately to give them a competitive edge.
“It becomes a brand,” he said. “The unfortunate circumstance that we find ourselves in is that the dealer’s choice becomes a deadly decision.” Not only are these mixtures deadly — they can also be highly profitable.
“We used to see organisations that were predominantly selling and transporting cocaine or just heroin or just methamphetamine,” Tarentino said. “Now, we’re seeing organisations move coke, heroin, meth, fentanyl, pills, powder – everything. So we see these poly-drug organisations, and then we see these poly-drug mixtures.” Source: DEA
Court records analysed by Bellingcat show nitazenes have been sold at prices ranging from roughly US $4,000 to $12,000 per kilogram. But Tarentino said the DEA’s internal estimate puts $12,000 at the lower end of the range, with prices going up to as much as $40,000. Given their potency, even small quantities can be diluted into hundreds of thousands — or potentially millions — of doses once mixed and pressed into pills. “A little bit can go a long way,” Tarentino said, “and they can make a lot of money.”
A Freedom of Information Act request to the US Customs and Border Protection (CBP) revealed that in 2024 and 2025 — the only years for which the agency has monitored nitazenes separately — 41 consignments of the drug were intercepted. The data shows that most of these shipments arrived by mail, primarily from mainland China, Hong Kong and the United Kingdom. The quantities tended to be small, ranging from less than 1 gram to almost 700 grams.
The UK has also recorded anincrease in high-strength nitazenes in recent years. John Fahey, a spokesman for the National Crime Agency, said criminals used the UK as a “transit point” for shipping illicit drugs and that officials were working closely with US law enforcement on nitazene-related cases. Source: DEA
But that’s not always the case. An analysis of US federal court records linked to prosecutions of nitazenes indicates that roughly 90 kilograms of material containing nitazenes in different forms (powder and pills) have been seized over the past three years. Nearly two-thirds of that amount, about 60 kilograms, stem from a single case.
In that case, prosecutors allege that a man named Valkar Singh drove a blue Maserati from Canada into the US carrying six industrial-sized buckets with more than 100,000 pills containing isotonitazene. According to court filings, Singh transported the drugs to a Bronx, New York address, where he was arrested by undercover law enforcement officers.
Tarentino, who is familiar with the Singh case but could not comment on it specifically, said a lot of work is being done to prevent drugs being smuggled across the Canadian border. “Canada has become a major concern, but also a major partner in trying to stop the synthetic opioids that are coming into the United States,” he said.
Lawyers for Singh, who has pleaded guilty and is awaiting sentencing, declined to comment.
Photos of buckets containing isotonitazenes in the trunk of Singh’s car. Pills only contain trace levels of active ingredients, meaning the exact quantity of nitazenes is unknown. Still, experts say this seizure was significant, considering the drug’s potency. Source: US District Court for the Southern District of New York
The scale of the alleged seizure makes this case an outlier. Of 46 federal cases identified by Bellingcat between 2021 and 2025, the next highest nitazenes seizure was about 9 kilograms. By comparison, data provided by the European Union Drugs Agency shows roughly 18 kilograms of nitazene-related seizures (pills, powder, liquid) across the EU between 2019 and 2023.
“It’s very large,” said Jared Brown, scientific affairs officer at the UNODC. “One hundred thousand pills is probably at the limit of what we hear about in terms of maximum types of quantities that get seized.”
The evidence suggests that most buyers are individual dealers who purchase relatively small quantities online, rather than organised criminal groups. “It’s street-level or mid-level dealers [in the US] that are introducing the nitazenes into the drug supply, not the big drug traffickers,” said Philip Berry, a visiting senior lecturer at King’s College London who formerly worked in counter-narcotics at the UK Home Office.
Court documents show that buyers can easily find nitazene suppliers online: on dark web marketplaces, standalone chemical supplier websites, or even on social media platforms. The suppliers often market the drugs by listing their chemical identifier and social media contact details. Often, the ads include an image of a young Asian woman striking a pose.
Buyers are often individual dealers who contact sales representatives via encrypted channels and negotiate a deal. In those conversations, representatives will sometimes disclose how they claim to evade customs, for example by declaring the product as cosmetics or electronic accessories.
Ads for nitazenes — such as these ones Bellingcat viewed this month — are found on dozens of sites, from social media platforms to prominent Asian-headquartered marketplaces that target international buyers. Source: Bellingcat
A detailed account that illustrates this modus operandi comes from the 2023 case against a man named Will Catis in Florida — the state with the second highest number of confirmed nitazene reports. Court documents show that a basic internet search led Catis to multiple nitazene advertisements listed by Jiangsu Bangdeya New Material Technology Co., LTD, a Chinese company sanctioned by the US Treasury for offering illicit substances for sale, including fentanyl and protonitazene.
Catis purchased approximately four kilograms of nitazenes from Jiangsu Bangdeya in batches no larger than 500 grams. The drugs were sent via the US Postal Service to Deerfield Beach, Florida. Once received, Catis mixed the nitazenes with other drugs, pressed the substance into a brick and sold it to other drug traffickers. Catis was jailed for 12 years after pleading guilty to possessing and intending to distribute nitazenes.
One court case from Florida describes how a couple who lived in a converted garage bedroom in Hernando County bought nitazenes through the mail from Chinese companies they contacted online. Jacob Spinoza and his girlfriend Veronica Jo Barback regularly abused the drugs and distributed them locally, according to court documents. Both pleaded guilty. Spinoza was sentenced to nine years in prison, and Barback received a three-year sentence.
Jacob Spinoza and Veronica Jo Barback under the influence of nitazenes. Court records said Spinoza survived more than 20 overdoses in 2022. Source: US District Court Middle District of Florida
Another notable case reveals how a man allegedly ran a drug trafficking operation from a prison in Ohio. Investigators said Brian Lumbus Jr worked with a middleman, Giancarlo Miserotti, who contacted drug manufacturers in China to get nitazenes shipped through Italy to avoid custom checks. Once in Ohio, the plan was to distribute the drugs to other states, court documents said.
But law enforcement agents were listening in on conversations between Lumbus and other members of the drug network, who expressed caution about the potency of nitazenes. “Man, we got to be careful … somebody died,” Lumbus said in one phone conversation, according to court documents. “Ohhh … it was too strong,” Miserotti responded. “I think the ratio of the pink [metonitazene] was thick.”
Lumbus is awaiting trial. Miserotti was arrested in Italy in 2023 and sentenced to more than 13 years in prison.
Arms Race
Enforcement actions have targeted the online marketplace ecosystem. In June 2025, Archetyp Market, a major dark web platform used to sell drugs, was dismantled in a coordinated operation involving Europol. US authorities have also indicted several China-based companies and individuals accused of offering nitazenes and related synthetic opioids for sale. Still, advertisements for nitazenes continue to litter online markets, constantly adapting to new regulatory regimes.
Nitazenes, such as this listing for etonitazene, which is up to 500 times stronger than heroin, are openly advertised online. Source: Bellingcat
In July 2025, China placed the majority of nitazenes under national control. Tightened regulations — both in China and the US — have tried to stem the flow of nitazenes. But drug experts warn that manufacturers are already exploiting loopholes in China’s regulations by marketing chemically similar synthetic opioids known as “orphines.”
Jared Brown, of UNODC, said orphines are also thought to come from China and are about as powerful as fentanyl. “Orphines have just enough of the molecule difference that it isn’t covered by the core definition that China has made,” he said.
This is not the first time Chinese synthetic opioid manufacturers have adapted to regulations. In 2019, China banned all fentanyl-related substances, including some major precursors. The number of distinct fentanyl analogues reported to the UNODC subsequently plummeted, while reports of nitazenes quickly picked up. Now that China is clamping down on nitazenes, orphines are on the rise. More than 150 cases involving orphines were reported in the US between 2024 and 2025, the majority of which are in Illinois.
“Always adapting, always changing – we call them ‘shape shifters’,” said Tarentino. “They’re this global Hydra that are always changing, evolving and adapting to their environment and taking full advantage of all of these different loopholes and vulnerabilities that exist.”
Reporting for this story was supported by the Fund for Investigative Journalism.
Bellingcat is a non-profit and the ability to carry out our work is dependent on the kind support of individual donors. If you would like to support our work, you can do so here. You can also subscribe to our Patreon channel here. Subscribe to our Newsletter and follow us on Bluesky here, Instagram here, Reddit here and YouTube here.
On February 15, 2026, the bulk carrier, Grumant (IMO: 9385879) was pictured at the occupied Ukrainian Port of Feodosia on the Crimean peninsula. Satellite imagery suggests it had already been there for several days. It appeared to stock up on grain before departing on a two-month-long journey eventually docking at the Port of Benghazi in […]
On February 15, 2026, the bulk carrier, Grumant (IMO: 9385879) was pictured at the occupied Ukrainian Port of Feodosia on the Crimean peninsula. Satellite imagery suggests it had already been there for several days. It appeared to stock up on grain before departing on a two-month-long journey eventually docking at the Port of Benghazi in Libya on April 18.
While there have been previous reports of grain shipments from occupied Ukraine arriving in Libya, this is only the second time a Russian ship has been observed delivering what the Ukrainian government describes as “stolen” grain to the country. The previous case involved the Damas Wave which travelled in January of last year to the port of Misrata which is under the control of the UN-recognised Government of National Unity (GNU). In addition to satellite imagery, Bellingcat deployed a new technique that analysed Grumant’s heading data which was contained in AIS information provided by Lloyd’s List Intelligence, to help confirm Grumant’s presence in Feodosia.
Grumant transits the Bosphorus Strait in the middle of the night.
Credit: Yörük Işık.
Black Sea
Grumant enters a region of the Black Sea known for GNSS interference, meaning that Grumant’s publicly reported Automated Identification System (AIS) position is unreliable.
Port of Feodosia
On February 15, a high resolution satellite image confirms the ship is docked at the port of Feodosia at berth No. 1 that is used for bulk and metal cargo. Matching features visible include Grumant’s grey decking, its seven hatches and bright yellow front mast. What appears to be leftover grain can be seen under the two port crates, immediately next to the ship.
Grumant exits the area of signal interference, meaning that its reported position on ship tracking services is now reliable again. Its AIS messages indicate it is travelling towards the Bosphorus.
Bosphorus Strait
Grumant transits the Bosphorus Strait towards the Sea of Marmara. Judging by the draft, with no visible red paint on its hull, the ship appears to be fully laden.
Credit: Yörük Işık.
Izmir Anchorage
Grumant arrives in Izmir, Turkey on February 23 and anchors off the coast until March 13.
Over the course of three weeks, Grumant never enters the Port of Izmir. It is not known if it was denied entry. Bellingcat asked the port operators but did not receive a response before publication.
Grumant then loiters off the coast of Aliağa, about 50 km from Izmir. It stays here until March 16, never entering the port. It again is not known if it was denied entry. Bellingcat asked the port operators but did not receive a response before publication.
Near Benghazi
Grumant arrives in Libyan waters and stays off the coast of Benghazi until April 1.
Libyan Waters
Grumant briefly leaves the coast of Benghazi, but returns a few days later.
Benghazi
Grumant leaves the anchorage on April 18 and docks at the port of Benghazi where it unloads the grain. The ship was captured in a Vantor satellite image on April 20.
It leaves port on April 23, and heads back towards the Bosphorus.
According to the Ukrainian activism, journalism and hacker group, Kiborg News, Grumant used deceptive shipping practices to deliver grain to Latakia, Syria in 2024. The report included several of Grumant’s shipping manifests, which showed it had repeatedly exported grain from Occupied Crimea to Syria.
Heading Data Helps Locate Grumant
It is standard maritime practice that ships broadcast Automatic Identification System (AIS) messages which include a ship’s position, heading, and draught (among other information).
Between February 7 and February 19, 2026, data from Lloyd’s List Intelligence shows the Grumant transmitted 29 AIS messages, with unreliable positions in the vicinity of Feodosia. We know these positions are unreliable as they are erratic and some of them report the ship as being positioned on land.
Unreliable AIS positions – Grumant’s reported positions between February 7-19, 2026, via Lloyd’s List Seasearcher.
However, according to the IMO, the heading data transmitted by a ship’s AIS system must come from an onboard compass. A compass is unaffected by GNSS interference, meaning it is a more reliable source of information in these conditions.
Over the same dates, all 29 AIS messages reported the ship’s heading as 267 degrees or 268 degrees. The Port of Feodosia has a heading of 267.5 degrees. The close agreement between the ship’s heading and port heading strongly suggests that Grumant was moored at the port between February 7 and February 19, 2026.
We conducted an extra check of the heading data by reviewing satellite imagery available of berth 1 at Feodosia Port, which suggests that the same vessel was present on several days between February 6 and February 18. Imagery on Feb. 6 shows the port was empty in the morning and occupied in the afternoon. Grumant exited the area of GNSS interference on February 21, and berth 1 at the port was captured on satellite image on February 22 and appeared empty. The low resolution satellite imagery is only used as an additional check to see if a vessel is at the berth.
Timeline of open source observations related to Grumant’s presence (tick) or absence (cross) at Feodosia port. Empty entries indicate a lack of available data.
Sentinel-1 timelapse of Feodosia Port, Copernicus Sentinel data 2026. Annotations by Bellingcat.
PlanetScope timelapse of Feodosia Port, Planet Labs PBC. Annotations by Bellingcat.
Bellingcat checked all vessels transmitting AIS in the vicinity of Feodosia Port and found that Grumant was the only one that consistently transmitted a heading matching the Port of Feodosia over the period of interest.
We shared our research with Charlie Brown, a former US Naval Officer and Senior Advisor at United Against Nuclear Iran where he focuses on maritime sanctions enforcement and the tracking of illicit shipping. Brown told Bellingcat that while satellite imagery of vessels remained key for identification, when looking for reliable data in a spoofing environment it made sense to look at the various elements of AIS data to try and find some accurate information, despite GNSS spoofing.
“It’s quite standard for the independent gyro compass to be providing the heading […] I think the majority would not [be subject to spoofing] so it’s a good methodology to parse out the particular data and then make some inferences from that.”
“It’s neat to think of what can be derived from data that would otherwise be dirty or wrong. So there’s still some elements of use in there.”
He added that in theory there are probably some compasses that are subject to spoofing as well.
He told Bellingcat that it was fair to say the heading data of the Grumant supported identification, but stressed the need to cross-reference with other data sources.
While in this instance it has been possible to use AIS data to help verify the location of Grumant, it is relatively unusual to have access to this information.
This activity, known as “dark port calls”, is a common tactic for those engaging in illicit or sanctioned trades.
Grumant does not transmit AIS messages from February 8 to 11, but this is the longest gap in data (see diagram above), with intermittent messages coming through after that point.
It is unclear why Grumant continued to transmit AIS during the period it was loading in Feodosia.
A review of Lloyd’s List Intelligence data from January 2025 shows that on a previous voyage to the Black Sea the Grumant operated “dark” for 59 days.
Visual Identification
On February 15, 2026, high resolution imagery showed Grumant docked in the Port of Feodosia. We compared it with other recent images of Grumant to confirm the match.
The ship in the satellite image has a grey-coloured deck, which is uncommon enough for it to stand out. Many bulk carriers have cranes (including the ships we previously covered such as Krasnodar, Zafar and Zaid), Grumant does not have any. It also has seven hatches (openings for the grain) and a bright yellow front mast that matches the mast of Grumant (see the image of it transiting the Bosphorus). We can match the Grumant in the Feodosia image, not only to pictures of the Grumant shot from the ground, but also to the satellite image from Benghazi.
The length and breadth of the ship also matches that of the Grumant; 180 metres by 22.90 metres.
Libya has complicated internal dynamics with essentially two administrations in charge of different parts of the country – the Government of National Unity (GNU) in the west and the Libyan National Army (LNA) in the east.
In recent years, Russia has backed the LNA’s General Khalifa Haftar, based out of Benghazi, in the east of the country. But Jalel Harchaoui, a political scientist specialising in Libya with the Royal United Services Institute (RUSI), stressed that the two sides of this conflict, the LNA and the UN-recognised GNU, are not currently fighting. Instead they are in a flawed, multi-year truce.
Therefore, the east-west divide isn’t as clear-cut as during the civil war. While all shipments going to Benghazi and Tobruk are overseen by the LNA, not all shipments going to the city of Misrata (which is run by the GNU) are meant for the GNU-dominated part of the country.
Harchaoui told Bellingcat: “the Tripoli government is in some regards pro-Ukraine, but if there’s business that can be done with Russia through the very opaque port of Misrata and all the right people get paid, the business is going to take place.”
That observation is potentially significant given at least one previously tracked vessel that went from occupied Ukraine to Libya docked in Misrata.
This was not the case of the Grumant, however, which arrived in an LNA-controlled part of the country. It is not known from open sources alone if the authorities in Libya or at the port in Benghazi knew the grain carried by Grumant had come from occupied Ukraine.
Bellingcat contacted the Benghazi-based LNA government and representatives of the Tripoli-based GNU government via the Libyan Embassy in The Netherlands. We also contacted the Port of Benghazi, Port of Imzir in Turkey as well as the Ukrainian and Russian authorities. Representatives of the LNA did not respond to requests for comment before publication, nor did the Port of Benghazi or Port of Izmir. The Libyan Embassy in The Netherlands replied to Bellingcat after publication, stating that Benghazi and eastern Libya are not under the authority or administrative control of the Government of National Unity and therefore they are not currently in a position to comment on Bellingcat’s findings.
Ukraine Continues to Pursue the “Shadow Grain Fleet”
“The port of Feodosia, located in the temporarily occupied Autonomous Republic of Crimea, is not under Ukrainian control, and any commercial activity conducted there is illegal,” the Ministry for Development of Communities and Territories of Ukraine and the Ministry of Foreign Affairs of Ukraine told Bellingcat in a joint response.
They told us the loading of grain exported from the temporarily occupied territories is an illegal act and Russia was using ports as logistics centers to export stolen Ukrainian agricultural products.
“The expansion of such routes to third countries, in particular to North Africa, demonstrates Russia’s ongoing efforts to circumvent international sanctions and monetize resources stolen from the occupied Ukrainian territories.”
The Ukrainian Ministry of Foreign Affairs sent information about Grumant’s (IMO: 9385879) “illegal activities” to the diplomatic missions in Great Britain, the Republic of Turkey and the Republic of Tunisia over the course of March to May this year, the ministries told Bellingcat.
Ukraine is continuing to pursue legal action against Russia’s “shadow grain fleet” they told us. For instance, earlier this month a Swedish court approved the transfer of the Russian “shadow grain fleet” vessel CAFFA to Ukraine for investigation after it was arrested in Swedish waters.
This case has set a new precedent, going beyond sanction and fines previously handed out to such vessels, and allowing for the detention and confiscation of a shadow fleet vessel in European jurisdictions, the ministries said.
Bellingcat attempted to contact Decision/Reshenie to ask about Grumant’s grain shipment from Feodisia Port to Benghazi Port, but they had not responded at time of publication.
Cover image: Planet Lab image shows Grumant anchored off Izmir, Turkey on February 27. Credit: Planet Labs PBC.
Bellingcat is a non-profit and the ability to carry out our work is dependent on the kind support of individual donors. If you would like to support our work, you can do so here. You can also subscribe to our Patreon channel here. Subscribe to our Newsletter and follow us on Bluesky here, Instagram here, Reddit here and YouTube here.