How a tip in Germany brought down Hydra, the impenetrable dark web criminal group
German police say shutting down the infamous site took months of cyber investigation.
“It gave us all goosebumps,” says Sebastian Zwiebel, describing the moment his team shut down Hydra, the world’s largest darknet marketplace.
The website was a stronghold of cybercrime and survived for more than six years by selling illegal drugs and products.
But after a tip-off, German police seized the site’s servers and seized 23 million euros ($25 million) in bitcoin.
“We’ve been working on this for months and when it finally happened it was a huge, really huge feeling,” says Zwiebel.
The police say that 17 million customers and more than 19,000 seller accounts they were registered at the market, which now carries a police seizure notice.
Hydra specialized in same-day “black box” services, in which drug dealers (vendors) hide packages in public places before informing customers of the pickup location.
Shortly after the German operation was announced, the US Treasury Department issued sanctions against Hydra “in a coordinated international effort to disrupt the proliferation of malicious cybercrime services, dangerous drugs, and other illegal offerings available through the Russia-based site.”
Hydra was written in Russian and had services with multiple countries.
In the past six months, many high-profile darknet marketplaces have been shut down, but Hydra he was apparently immune to attempts by the police toget downit.
The website was launched in 2015 to sell drugs, pirated materials, forged documents, and illegal digital services like bitcoin mixing, which cybercriminals use to launder stolen or extorted cryptocurrencies.
The site was written in Russian, with sellers located in Russia, Ukraine, Belarus, Kazakhstan, and countries in the region.
Zwiebel notes that the operation to shut it down began with a tip pointing to the possibility that the website’s infrastructure could be hosted in Germany.
“We got some clues through monitoring darknet activity by US officials. So we started in July or August of last year to dig deeper and investigate this field,” he explains.
were necessary many months to locate which company could host Hydra in Germany.
It was eventually discovered that it was a company called “bulletproof” hosting.
A bulletproof hosting company is one that does not audit the websites or content it hosts, has no problem hosting criminal websites, and avoiding police requests for customer information.
The site now has a closure notice.
Zwiebel says his investigators then took their evidence to a German judge for permission to approach the server company and issue a closure notice.
The company was forced to comply, otherwise they too could have been arrested.
Visitors to the site are now greeted with a police banner that reads “platform and criminal content have been seized.”
While celebrating their success, German authorities say they fear This Is Not The End Of The Hydra Cybercrime Group, unless they can find and arrest them.
“We know that they will find another way to do business. They will probably try to build a new platform, and we will have to keep an eye on it. We don’t know the perpetrators, so that is the next step,” Zwiebel says.
The news comes during a turbulent time for darknet markets with some of the most prominent sites being shut down in recent months, either voluntarily or as a result of police activity.
Many of the closures come from criminals who choose to phase out their operations and disappear with their wealth.
In January, the administrators of UniCC, a dark web site that sells stolen credit card details, walked out citing health reasons.
Voluntary closures also ended the White House Market in October 2021, Cannazon in November, and Torrez in December.
However, a BBC investigation earlier this year revealed that the most common way darknet sites are shut down is through so-called “exit scams,” in which administrators voluntarily shut down sites but They steal their clients’ funds in the process.
Now you can receive notifications from BBC World. Download the new version of our appy activate them so you don’t miss our best content.
German police say shutting down the infamous site took months of cyber investigation.
“It gave us all goosebumps,” says Sebastian Zwiebel, describing the moment his team shut down Hydra, the world’s largest darknet marketplace.
The website was a stronghold of cybercrime and survived for more than six years by selling illegal drugs and products.
But after a tip-off, German police seized the site’s servers and seized 23 million euros ($25 million) in bitcoin.
“We’ve been working on this for months and when it finally happened it was a huge, really huge feeling,” says Zwiebel.
The police say that 17 million customers and more than 19,000 seller accounts they were registered at the market, which now carries a police seizure notice.
Hydra specialized in same-day “black box” services, in which drug dealers (vendors) hide packages in public places before informing customers of the pickup location.
Shortly after the German operation was announced, the US Treasury Department issued sanctions against Hydra “in a coordinated international effort to disrupt the proliferation of malicious cybercrime services, dangerous drugs, and other illegal offerings available through the Russia-based site.”
Hydra was written in Russian and had services with multiple countries.
In the past six months, many high-profile darknet marketplaces have been shut down, but Hydra he was apparently immune to attempts by the police toget downit.
The website was launched in 2015 to sell drugs, pirated materials, forged documents, and illegal digital services like bitcoin mixing, which cybercriminals use to launder stolen or extorted cryptocurrencies.
The site was written in Russian, with sellers located in Russia, Ukraine, Belarus, Kazakhstan, and countries in the region.
Zwiebel notes that the operation to shut it down began with a tip pointing to the possibility that the website’s infrastructure could be hosted in Germany.
“We got some clues through monitoring darknet activity by US officials. So we started in July or August of last year to dig deeper and investigate this field,” he explains.
were necessary many months to locate which company could host Hydra in Germany.
It was eventually discovered that it was a company called “bulletproof” hosting.
A bulletproof hosting company is one that does not audit the websites or content it hosts, has no problem hosting criminal websites, and avoiding police requests for customer information.
The site now has a closure notice.
Zwiebel says his investigators then took their evidence to a German judge for permission to approach the server company and issue a closure notice.
The company was forced to comply, otherwise they too could have been arrested.
Visitors to the site are now greeted with a police banner that reads “platform and criminal content have been seized.”
While celebrating their success, German authorities say they fear This Is Not The End Of The Hydra Cybercrime Group, unless they can find and arrest them.
“We know that they will find another way to do business. They will probably try to build a new platform, and we will have to keep an eye on it. We don’t know the perpetrators, so that is the next step,” Zwiebel says.
The news comes during a turbulent time for darknet markets with some of the most prominent sites being shut down in recent months, either voluntarily or as a result of police activity.
Many of the closures come from criminals who choose to phase out their operations and disappear with their wealth.
In January, the administrators of UniCC, a dark web site that sells stolen credit card details, walked out citing health reasons.
Voluntary closures also ended the White House Market in October 2021, Cannazon in November, and Torrez in December.
However, a BBC investigation earlier this year revealed that the most common way darknet sites are shut down is through so-called “exit scams,” in which administrators voluntarily shut down sites but They steal their clients’ funds in the process.
Now you can receive notifications from BBC World. Download the new version of our appy activate them so you don’t miss our best content.
After staying for years abandoned, the Gallery Prestes Maia, in downtown São Paulo, will resume their vocation to house shows and exhibitions. From this Friday (25), the underground gallery, which connects the
Within the framework of the forum ‘Popular consultation: a viable mechanism to boost reforms?’ Organized by the magazine ‘Change’, the Minister of Labor, Antonio Sanguino, referred to the doubts and criticisms that
Huancayo box He has taken a new step in his digital transformation strategy. This Wednesday, the entity announced the launch of a new payment channel for its cards: the Google Pay digital
The general director of the strategic and special projects of the Presidency (Propeep), Robert Polancosaid Thursday that the alliance With local governments it represents a fundamental pillar to achieve a real inclusion
