U.S. Sanctions Russian Darknet Marketplace and Crypto Exchange Provider

Published: 08 April 2022

In a coordinated international effort to disrupt malicious cybercrime activity, the U.S. Department of the Treasury sanctioned a virtual currency exchange site and a Russian darknet marketplace. (Photo: Mohamed Hassan, PxHere, License)

By Henry Pope

In a coordinated international effort to disrupt malicious cybercrime activity, the U.S. Department of the Treasury sanctioned Tuesday a virtual currency exchange site and a Russian darknet marketplace, known to be the largest and most prominent in the world.

Hydra was launched in 2015 and has since enabled its customers to engage in malicious cybercrime, obtain illicit drugs, as well as carry out other outlawed activities.

Specifically, the network is responsible for the global proliferation of ransomware attacks, hacking software, online identity theft, and the trade of stolen virtual currency.

Such marketplaces almost universally demand cryptocurrencies like bitcoin or Ethereum as payment for their services.

As part of an international investigation into Hydra, German law enforcement seized US$25 million worth of bitcoin from the cybercriminals on Monday, after federal police carried out an operation that shut down their servers in the country.

Meanwhile, American investigators managed to identify another $8 million in ransomware proceeds that were funneled through Hydra’s accounts.

“Today’s action – coordinated with our allies and partners – disrupts ransomware infrastructure and actors and targets the abuse of virtual currency to launder ransom payments,” said U.S. Secretary of State Antony J. Blinken.

Despite this recent success, the darknet marketplace’s revenue streams have skyrocketed in recent years as it became the go-to place for Russian illicit finance and cybercrime activity. In 2016, Hydra recorded less than $10 million in business; in 2020, that figure was $1.3 billion.

Moreover, roughly 86 percent of the illicitly traded bitcoin that traveled through Russian cryptocurrency exchanges in 2019 did so through Hydra, according to the Treasury.

As a rule, the darknet adds a layer of anonymity for its users via software that routes their connections through computers all over the globe, obscuring their exact location. This makes it difficult for law enforcement to properly identify conspirators who use sites like Hydra for illicit purposes.

However, in addition to the sanctions, American authorities announced that they identified over 100 virtual currency addresses used in the site’s operations and illicit transactions.

This will aid police in tracking Hydra’s conspirators, especially when they must act in the real world, such as when they venture out to deliver illicit goods, like drugs, to a predetermined drop-off point following an online sale.

Also on Monday, the Treasury sanctioned the virtual currency exchange site Garantex, which conducts the majority of its operations out of Moscow.

Garantex allows its customers to buy and sell virtual currencies using fiat currencies, which, in a nutshell, is money that is not backed by any commodity such as gold or silver. American authorities state that the site has processed over $100 million in transactions linked to illicit actors and darknet markets, including roughly $2.6 million from Hydra.

Originally licensed in Estonia, Garantex was stripped of its privileges to operate there two months ago, after the country’s Financial Intelligence Unit established that the site’s clients were using the virtual currency exchange for criminal purposes such as money laundering.

Despite this, Garantex has continued to aid and abet criminal activity from its current sites in Moscow and St. Petersburg, according to the Treasury.