Feds slay dark-web souk Hydra: Servers and $25m in crypto-coins seized
US also charges Russia-based web host owner regarding cyber-crime market
US and German federal agencies came down hard on Hydra, the longest-running known dark-web marketplace trafficking in illegal drugs and money-laundering services, with a multi-pronged attack that aimed to cut off multiple heads of the nefarious online beast.
First, German federal police in coordination with US law enforcement seized Hydra servers and cryptocurrency wallets containing $25 million in Bitcoin, thus shutting down the online souk.
Later on Tuesday, the US Justice Department announced criminal charges against one of the alleged Hydra operators and system administrators, 30-year-old Dmitry Olegovich Pavlov of Russia.
Plus, the US Treasury Department sanctioned the dark-web monstrosity. The Treasury's Office of Foreign Assets Control identified more than 100 virtual currency addresses associated with its operations that were allegedly used to conduct illicit transactions.
Hydra, which is popular among Russian-speaking criminals looking to buy and sell illicit goods and services, accounted for about 80 percent of all dark-web market-related cryptocurrency transactions last year, according to the Justice Department. Since 2015, it has raked in about $5.2 billion in cryptocurrency.
And according to German authorities, the market had 17 million users as of this month.
Hydra operates like any legitimate online marketplace, with vendors creating accounts to advertise and sell their products and services, and buyers setting up accounts to view and purchase said products. However, we're not talking about buying and selling home goods and running shoes.
According to the indictment, Hydra vendors offered a variety of illicit drugs for sale, including cocaine, methamphetamine, LSD, heroin, and other opioids.
In addition to drugs, customers could buy fake IDs including US passports and driver licenses, as well as ransomware, money laundering, and cash-out services, which allowed users to convert Bitcoin into various forms of currency.
Criminal charges against Pavlov, filed in a San Francisco court, include conspiracy to distribute narcotics and conspiracy to commit money laundering related to his involvement with Hydra.
Since about November 2015, Pavlov ran a web hosting provider in Russia called Promservice that managed "dozens" of servers that formed the online infrastructure of Hydra, the court documents allege. These machines allowed drug dealers and other cyber criminals to sell their services and launder billions of dollars from illegal transactions.
During this time-frame, Pavlov received "repeated" cryptocurrency payments from Hydra wallets, according to the indictment.
By providing servers and networking infrastructure that "allowed Hydra to operate and thrive" on the dark web, Pavlov helped the illicit marketplace "reap commissions worth millions of dollars," it stated. ®