How a tip in Germany brought down Hydra, the impenetrable dark web criminal group
German police say shutting down the infamous site took months of cyber investigation.
“It gave us all goosebumps,” says Sebastian Zwiebel, describing the moment his team shut down Hydra, the world’s largest darknet marketplace.
The website was a stronghold of cybercrime and survived for more than six years by selling illegal drugs and products.
But after a tip-off, German police seized the site’s servers and seized 23 million euros ($25 million) in bitcoin.
“We’ve been working on this for months and when it finally happened it was a huge, really huge feeling,” says Zwiebel.
The police say that 17 million customers and more than 19,000 seller accounts they were registered at the market, which now carries a police seizure notice.
Hydra specialized in same-day “black box” services, in which drug dealers (vendors) hide packages in public places before informing customers of the pickup location.
Shortly after the German operation was announced, the US Treasury Department issued sanctions against Hydra “in a coordinated international effort to disrupt the proliferation of malicious cybercrime services, dangerous drugs, and other illegal offerings available through the Russia-based site.”
Hydra was written in Russian and had services with multiple countries.
In the past six months, many high-profile darknet marketplaces have been shut down, but Hydra he was apparently immune to attempts by the police toget downit.
The website was launched in 2015 to sell drugs, pirated materials, forged documents, and illegal digital services like bitcoin mixing, which cybercriminals use to launder stolen or extorted cryptocurrencies.
The site was written in Russian, with sellers located in Russia, Ukraine, Belarus, Kazakhstan, and countries in the region.
Zwiebel notes that the operation to shut it down began with a tip pointing to the possibility that the website’s infrastructure could be hosted in Germany.
“We got some clues through monitoring darknet activity by US officials. So we started in July or August of last year to dig deeper and investigate this field,” he explains.
were necessary many months to locate which company could host Hydra in Germany.
It was eventually discovered that it was a company called “bulletproof” hosting.
A bulletproof hosting company is one that does not audit the websites or content it hosts, has no problem hosting criminal websites, and avoiding police requests for customer information.
The site now has a closure notice.
Zwiebel says his investigators then took their evidence to a German judge for permission to approach the server company and issue a closure notice.
The company was forced to comply, otherwise they too could have been arrested.
Visitors to the site are now greeted with a police banner that reads “platform and criminal content have been seized.”
While celebrating their success, German authorities say they fear This Is Not The End Of The Hydra Cybercrime Group, unless they can find and arrest them.
“We know that they will find another way to do business. They will probably try to build a new platform, and we will have to keep an eye on it. We don’t know the perpetrators, so that is the next step,” Zwiebel says.
The news comes during a turbulent time for darknet markets with some of the most prominent sites being shut down in recent months, either voluntarily or as a result of police activity.
Many of the closures come from criminals who choose to phase out their operations and disappear with their wealth.
In January, the administrators of UniCC, a dark web site that sells stolen credit card details, walked out citing health reasons.
Voluntary closures also ended the White House Market in October 2021, Cannazon in November, and Torrez in December.
However, a BBC investigation earlier this year revealed that the most common way darknet sites are shut down is through so-called “exit scams,” in which administrators voluntarily shut down sites but They steal their clients’ funds in the process.
Now you can receive notifications from BBC World. Download the new version of our appy activate them so you don’t miss our best content.
German police say shutting down the infamous site took months of cyber investigation.
“It gave us all goosebumps,” says Sebastian Zwiebel, describing the moment his team shut down Hydra, the world’s largest darknet marketplace.
The website was a stronghold of cybercrime and survived for more than six years by selling illegal drugs and products.
But after a tip-off, German police seized the site’s servers and seized 23 million euros ($25 million) in bitcoin.
“We’ve been working on this for months and when it finally happened it was a huge, really huge feeling,” says Zwiebel.
The police say that 17 million customers and more than 19,000 seller accounts they were registered at the market, which now carries a police seizure notice.
Hydra specialized in same-day “black box” services, in which drug dealers (vendors) hide packages in public places before informing customers of the pickup location.
Shortly after the German operation was announced, the US Treasury Department issued sanctions against Hydra “in a coordinated international effort to disrupt the proliferation of malicious cybercrime services, dangerous drugs, and other illegal offerings available through the Russia-based site.”
Hydra was written in Russian and had services with multiple countries.
In the past six months, many high-profile darknet marketplaces have been shut down, but Hydra he was apparently immune to attempts by the police toget downit.
The website was launched in 2015 to sell drugs, pirated materials, forged documents, and illegal digital services like bitcoin mixing, which cybercriminals use to launder stolen or extorted cryptocurrencies.
The site was written in Russian, with sellers located in Russia, Ukraine, Belarus, Kazakhstan, and countries in the region.
Zwiebel notes that the operation to shut it down began with a tip pointing to the possibility that the website’s infrastructure could be hosted in Germany.
“We got some clues through monitoring darknet activity by US officials. So we started in July or August of last year to dig deeper and investigate this field,” he explains.
were necessary many months to locate which company could host Hydra in Germany.
It was eventually discovered that it was a company called “bulletproof” hosting.
A bulletproof hosting company is one that does not audit the websites or content it hosts, has no problem hosting criminal websites, and avoiding police requests for customer information.
The site now has a closure notice.
Zwiebel says his investigators then took their evidence to a German judge for permission to approach the server company and issue a closure notice.
The company was forced to comply, otherwise they too could have been arrested.
Visitors to the site are now greeted with a police banner that reads “platform and criminal content have been seized.”
While celebrating their success, German authorities say they fear This Is Not The End Of The Hydra Cybercrime Group, unless they can find and arrest them.
“We know that they will find another way to do business. They will probably try to build a new platform, and we will have to keep an eye on it. We don’t know the perpetrators, so that is the next step,” Zwiebel says.
The news comes during a turbulent time for darknet markets with some of the most prominent sites being shut down in recent months, either voluntarily or as a result of police activity.
Many of the closures come from criminals who choose to phase out their operations and disappear with their wealth.
In January, the administrators of UniCC, a dark web site that sells stolen credit card details, walked out citing health reasons.
Voluntary closures also ended the White House Market in October 2021, Cannazon in November, and Torrez in December.
However, a BBC investigation earlier this year revealed that the most common way darknet sites are shut down is through so-called “exit scams,” in which administrators voluntarily shut down sites but They steal their clients’ funds in the process.
Now you can receive notifications from BBC World. Download the new version of our appy activate them so you don’t miss our best content.
Miami, United States. – The United States Coast Guard repatriated 16 Cuban Balseros on Tuesday after having intercepted them, last Friday, in an improvised boat just over 24 kilometers to the southwest
According to the report by the Ministry of Citizen Security (SSC), the events occurred shortly after 6:30 p.m. on February 11, when three subjects aboard a motorcycle shot directly against people who
Arequipa would add a new mining project, after the Australian company Ausquest Limited found copper and gold site in the district of Chala, Caravelí. The project called Cangalloit would be on a
A record of the drainage sanitary street Galván Corner Manuel Rodríguez Objío in the sector of GascueNational District, has drivers to the Garete. It is that, apparently, on one occasion it intervened,
After the facade of promoting “freedom of the press”, the United States Agency for International Development (USAID) invested billions of dollars for more than two decades in NGOs and related media, to
