In a coordinated international effort to disrupt malicious cybercrime activity, the US Treasury Department on Tuesday sanctioned a Russian virtual currency exchange and darknet market known to be the largest and most important in the world.
Hydra was launched in 2015 and has since enabled its customers to engage in malicious cybercrime, obtain illicit drugs, as well as conduct other illegal activities.
Specifically, the network is responsible for the global proliferation of ransomware attacks, hacking software, online identity theft, and trade in stolen virtual currency.
These markets almost universally require cryptocurrencies like bitcoin or Ethereum as payment for their services.
As part of an international investigation into Hydra, German law enforcement seized $25 million worth of bitcoin from cybercriminals on Monday, after federal police carried out an operation that shut down their servers in the country.
Meanwhile, US investigators managed to identify an additional $8 million in ransomware proceeds that were funneled through Hydra accounts.
“Today’s action – coordinated with our allies and partners – disrupts ransomware infrastructure and actors and targets the misuse of virtual currency to launder ransom payments,” said US Secretary of State Anthony J. Blinken.
Despite this recent success, the darknet market’s revenue streams have exploded in recent years as it has become the go-to place for Russian illicit finance and cybercrime activities. In 2016, Hydra recorded less than $10 million in business; in 2020, that figure was $1.3 billion.
Additionally, around 86% of bitcoin illicitly traded in 2019 – which passed through Russian cryptocurrency exchanges – did so via Hydra, according to the Treasury.
Typically, the darknet adds a layer of anonymity for its users via software that obscures the location of their computers, wherever in the world they are. This makes it difficult for law enforcement to properly identify conspirators who use sites like Hydra for illicit purposes.
However, in addition to the sanctions, US authorities announced that they have identified more than 100 virtual currency addresses used in the site’s illicit operations and transactions.
This will help police track Hydra conspirators, especially when they have to operate in the real world, for example when they venture out to deliver illicit goods such as drugs to a predetermined drop-off point after an online sale.
Also Monday, the Treasury sanctioned the virtual exchange site Garantex, which carries out the majority of its operations from Moscow.
Garantex allows its customers to buy and sell virtual currencies using fiat currencies, which, in a nutshell, are money that is not backed by any commodity like gold or silver. US authorities say the site has processed more than $100 million in transactions related to illicit actors and darknet markets, including about $2.6 million from Hydra.
Originally licensed in Estonia, Garantex was stripped of its privileges to operate there two months ago, after the country’s financial intelligence unit established that the site’s customers were using the virtual currency exchange for criminal purposes such as money laundering.
Despite this, Garantex continued to aid and abet criminal activity from its current locations in Moscow and St. Petersburg, according to the Treasury.