'Treasure hunter' dark web marketplace Hydra seized and shuttered by German cyber police

News
By Connor Jones
published

Hydra Market operated on a vastly different model to most other popular marketplaces of its kind and was among the most popular in existence

German BKA staff entering a building
(Image credit: Getty Images)

German authorities shut down the ‘treasure hunter’ dark web marketplace Hydra, believed to be the largest marketplace of its kind in existence.

Hydra originates from Russia and caters to customers in several Eastern European and Asian countries such as Russia, Belarus, Kazakhstan, and Armenia.

What is the dark web? “Bulletproof” dark web data centre seized by German police A simple guide to the dark web

The German Central Office for Combating Cybercrime (ZIT) and the Federal Criminal Police Office (BKA) announced on Tuesday that they seized Hydra’s server infrastructure and closed the dark web operation.

It follows months of investigations led by the BKA and ZIT first starting in August 2021 and supported by the US authorities too.

“According to ZIT and BKA estimates, ‘Hydra Market’ was probably the illegal marketplace with the highest turnover worldwide,” the BKA said. “Its sales amounted to at least 1.23 billion euros in 2020 alone.

“In particular, the Bitcoin Bank Mixer, a service for obfuscating digital transactions provided by the platform, made [cryptocurrency] investigations extremely difficult for law enforcement agencies.”

Announcing the news, the BKA also said it seized 23 million euros worth of Bitcoin in the process of closing the illegal operation.

German authorities also played a significant role in taking down the Alphabay and Hansa markets in 2017. Authorities seized control of Hansa's servers after shutting down Alphabay, operating on the site as administrators to gather information on individuals before shutting down the site for good.

A highly unique model

Active since at least 2015, Hydra Market operated on a model that was much different to other markets like it; others typically allow users to place orders for illicit items which are received through the post.

Hydra operated on a ‘treasure’ model, according to information obtained by The Project, which sees a network of suppliers and delivery personnel hide packages in inconspicuous locations for buyers to go and collect in person.

International and domestic suppliers worked together to create ‘master treasures’ - large banks of illicit items like drugs - for delivery staff to drop at ‘local treasure’ locations convenient for the buyer.

Buyers could opt for instant delivery where they would receive coordinates to find the hidden package at the point of purchase or select a pre-order to arrange collection later.

RELATED RESOURCE

Edge-to-cloud security webinar

Safeguards your IoT devices that require Zero Trust

FREE DOWNLOAD

There also existed a roulette-style feature on the site where users could stake a sum smaller than what was required for their order and risk either losing their money and not getting any product or winning their desired order for the lower price they staked.

According to the BKA, Hydra Market had 17 million customers using the site and more than 19,000 suppliers were registered by the time it was taken down.

Connor Jones
Connor Jones
News and Analysis Editor

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.