Hydra was the go-to place on the dark web that serves as a hub for drugs, stolen credit card information, counterfeit bills, fake documents, and other illegal goods or services. The market primarily catered to the finest Russian criminals and “Treasuremen,” or dealers connected with the site, push drugs throughout the region by hiding them in geo-tagged pickup locations.
With the shutdown of the German-based server, authorities are now launching an investigation into the “unknown operators and administrators” of Hydra, whom they suspect of selling narcotics and engaging in money laundering. German authorities say they have been investigating the marketplace with the help of the US since August 2021.
Although Hydra is known for aiding in the sale of narcotics, a report from risk intelligence organisation Flashpoint said that cryptocurrency laundering was another growing trend. Cybercriminals could purchase cryptocurrency from other sellers in exchange for rubles, and then receive their cash through payment apps like YooMoney, Tinkoff, or QUIWI. Other crypto launderers would opt for a delivery method similar to the one used for drugs — a courier would bury money in a discrete location, which the customer would later dig up.
Cyptocurrency investigation firm Chainanalysis found $200 million in stolen cryptocurrency floating around on the platform in 2021 and early 2022, including $5 million linked to fraud, $4 million linked to ransomware, and $4 million from sanctioned sources. About $2 billion in transactions in total came from “risky” sources.
The US Department of the Treasury’s Office of Foreign Assets Control announced that it has sanctioned Hydra and Russian cryptocurrency exchange Garantex. The US is also working to identify over 100 cryptocurrency addresses with ties to the illegal marketplace.