How a tip in Germany brought down Hydra, the impenetrable dark web criminal group
German police say shutting down the infamous site took months of cyber investigation.
“It gave us all goosebumps,” says Sebastian Zwiebel, describing the moment his team shut down Hydra, the world’s largest darknet marketplace.
The website was a stronghold of cybercrime and survived for more than six years by selling illegal drugs and products.
But after a tip-off, German police seized the site’s servers and seized 23 million euros ($25 million) in bitcoin.
“We’ve been working on this for months and when it finally happened it was a huge, really huge feeling,” says Zwiebel.
The police say that 17 million customers and more than 19,000 seller accounts they were registered at the market, which now carries a police seizure notice.
Hydra specialized in same-day “black box” services, in which drug dealers (vendors) hide packages in public places before informing customers of the pickup location.
Shortly after the German operation was announced, the US Treasury Department issued sanctions against Hydra “in a coordinated international effort to disrupt the proliferation of malicious cybercrime services, dangerous drugs, and other illegal offerings available through the Russia-based site.”
Hydra was written in Russian and had services with multiple countries.
In the past six months, many high-profile darknet marketplaces have been shut down, but Hydra he was apparently immune to attempts by the police toget downit.
The website was launched in 2015 to sell drugs, pirated materials, forged documents, and illegal digital services like bitcoin mixing, which cybercriminals use to launder stolen or extorted cryptocurrencies.
The site was written in Russian, with sellers located in Russia, Ukraine, Belarus, Kazakhstan, and countries in the region.
Zwiebel notes that the operation to shut it down began with a tip pointing to the possibility that the website’s infrastructure could be hosted in Germany.
“We got some clues through monitoring darknet activity by US officials. So we started in July or August of last year to dig deeper and investigate this field,” he explains.
were necessary many months to locate which company could host Hydra in Germany.
It was eventually discovered that it was a company called “bulletproof” hosting.
A bulletproof hosting company is one that does not audit the websites or content it hosts, has no problem hosting criminal websites, and avoiding police requests for customer information.
The site now has a closure notice.
Zwiebel says his investigators then took their evidence to a German judge for permission to approach the server company and issue a closure notice.
The company was forced to comply, otherwise they too could have been arrested.
Visitors to the site are now greeted with a police banner that reads “platform and criminal content have been seized.”
While celebrating their success, German authorities say they fear This Is Not The End Of The Hydra Cybercrime Group, unless they can find and arrest them.
“We know that they will find another way to do business. They will probably try to build a new platform, and we will have to keep an eye on it. We don’t know the perpetrators, so that is the next step,” Zwiebel says.
The news comes during a turbulent time for darknet markets with some of the most prominent sites being shut down in recent months, either voluntarily or as a result of police activity.
Many of the closures come from criminals who choose to phase out their operations and disappear with their wealth.
In January, the administrators of UniCC, a dark web site that sells stolen credit card details, walked out citing health reasons.
Voluntary closures also ended the White House Market in October 2021, Cannazon in November, and Torrez in December.
However, a BBC investigation earlier this year revealed that the most common way darknet sites are shut down is through so-called “exit scams,” in which administrators voluntarily shut down sites but They steal their clients’ funds in the process.
Now you can receive notifications from BBC World. Download the new version of our appy activate them so you don’t miss our best content.
German police say shutting down the infamous site took months of cyber investigation.
“It gave us all goosebumps,” says Sebastian Zwiebel, describing the moment his team shut down Hydra, the world’s largest darknet marketplace.
The website was a stronghold of cybercrime and survived for more than six years by selling illegal drugs and products.
But after a tip-off, German police seized the site’s servers and seized 23 million euros ($25 million) in bitcoin.
“We’ve been working on this for months and when it finally happened it was a huge, really huge feeling,” says Zwiebel.
The police say that 17 million customers and more than 19,000 seller accounts they were registered at the market, which now carries a police seizure notice.
Hydra specialized in same-day “black box” services, in which drug dealers (vendors) hide packages in public places before informing customers of the pickup location.
Shortly after the German operation was announced, the US Treasury Department issued sanctions against Hydra “in a coordinated international effort to disrupt the proliferation of malicious cybercrime services, dangerous drugs, and other illegal offerings available through the Russia-based site.”
Hydra was written in Russian and had services with multiple countries.
In the past six months, many high-profile darknet marketplaces have been shut down, but Hydra he was apparently immune to attempts by the police toget downit.
The website was launched in 2015 to sell drugs, pirated materials, forged documents, and illegal digital services like bitcoin mixing, which cybercriminals use to launder stolen or extorted cryptocurrencies.
The site was written in Russian, with sellers located in Russia, Ukraine, Belarus, Kazakhstan, and countries in the region.
Zwiebel notes that the operation to shut it down began with a tip pointing to the possibility that the website’s infrastructure could be hosted in Germany.
“We got some clues through monitoring darknet activity by US officials. So we started in July or August of last year to dig deeper and investigate this field,” he explains.
were necessary many months to locate which company could host Hydra in Germany.
It was eventually discovered that it was a company called “bulletproof” hosting.
A bulletproof hosting company is one that does not audit the websites or content it hosts, has no problem hosting criminal websites, and avoiding police requests for customer information.
The site now has a closure notice.
Zwiebel says his investigators then took their evidence to a German judge for permission to approach the server company and issue a closure notice.
The company was forced to comply, otherwise they too could have been arrested.
Visitors to the site are now greeted with a police banner that reads “platform and criminal content have been seized.”
While celebrating their success, German authorities say they fear This Is Not The End Of The Hydra Cybercrime Group, unless they can find and arrest them.
“We know that they will find another way to do business. They will probably try to build a new platform, and we will have to keep an eye on it. We don’t know the perpetrators, so that is the next step,” Zwiebel says.
The news comes during a turbulent time for darknet markets with some of the most prominent sites being shut down in recent months, either voluntarily or as a result of police activity.
Many of the closures come from criminals who choose to phase out their operations and disappear with their wealth.
In January, the administrators of UniCC, a dark web site that sells stolen credit card details, walked out citing health reasons.
Voluntary closures also ended the White House Market in October 2021, Cannazon in November, and Torrez in December.
However, a BBC investigation earlier this year revealed that the most common way darknet sites are shut down is through so-called “exit scams,” in which administrators voluntarily shut down sites but They steal their clients’ funds in the process.
Now you can receive notifications from BBC World. Download the new version of our appy activate them so you don’t miss our best content.
“She is a lady who is quite basic in her actions”: this is how the former president of the Council of Ministers described Mirtha Vásquez to Dina Boluartepresident whom she considers “arrogant”
SANTIAGO. The corresponding authorities of the Valverde, Montecristi and Dajabón provinces are carrying out a survey of the damage caused by the floods that occurred yesterday afternoon and last night in those
Read in SuchWhich more news from the Venezuelan and international business world with data of financial, commercial and business interest This is the information from the national and foreign business world about
The football team Argentina announced on Tuesday the list of summoned players, led by the star Lionel Messi and with the return of the goal Emiliano ‘Dibu’ Martínezfor matches against Paraguay and
USA is carrying out its presidential elections that could have a strong impact on politics Argentina and the entire region. While it is true that the northern country is torn between two
