Yesterday, the U.S. Department of the Treasury sanctioned dark web marketplace Hydra Market, labeling it a pernicious site for malicious cybercrime services, dangerous drugs, ransomware, and other illicit activity. Hydra Market is said to be based in Russia.
Also sanctioned, Garantex is a crypto exchange originally registered in Estonia. The majority of Garantex’s operations are said to be carried out in Moscow, and St. Petersburg, Russia.
The action was pursued by the Treasury’s Office of Foreign Assets Control (OFAC).
The action taken against Hydra was a collaboration of multiple US agencies including, the U.S. Department of Justice, Federal Bureau of Investigations (FBI), Drug Enforcement Administration (DEA), Internal Revenue Service Criminal Investigation (IRS), and Homeland Security Investigations.
Approximately $25 million in Bitcoin was seized as part of the action with the assistance of the German Federal Criminal Police, who shut down Hydra servers in Germany.
Secretary of the Treasury Janet Yellen said the ability of criminals to operate with impunity is deeply concerning:
“Our actions send a message today to criminals that you cannot hide on the darknet or their forums, and you cannot hide in Russia or anywhere else in the world. In coordination with allies and partners, like Germany and Estonia, we will continue to disrupt these networks.”
Treasury described Russia as a haven for cybercriminals.
Hydra was launched in 2015 and is said to be the most prominent Russian darknet market, and the largest darknet market left in the world. OFAC’s investigation identified approximately $8 million in ransomware proceeds that utilized Hydra’s crypto accounts.
Treasury said that analysis of Garantex transactions indicated that over $100 million in transactions are associated with illicit actors and darknet markets, including nearly $6 million from Russian RaaS gang Conti and also including approximately $2.6 million from Hydra. In February 2022, Garantex lost its license to provide virtual currency services following an action by Estonia’s Financial Intelligence Unit that revealed AML/CFT shortcomings along with connections between Garantex and digital wallets used for criminal activity.
The list of the crypto wallets that have been sanctioned is available here.