Hydra Market-Bust is an investigator's paradise

The Hydra Market bust contained 1.8 petabytes of data. The resulting new investigations will continue for years to come.

As reported by Wirtschaftswoche in its current print edition, it took more than a year before the Hydra Market servers based in Germany could be taken over. 390 Bitcoin worth then 23 Millions of euros were secured. But there was something else that was truly paradisiacal. The bust gave investigators access to around 17 million customers and more than 13. Vendor Accounts. In other words, the contact and payment details of the online traders who were active on what was once the largest Darknet marketplace. The illegal goods had to be paid for somehow and sent to an address.

Various foreign investigative authorities have already expressed an interest in the data. Meanwhile, ZIT Hessen and the BKA are examining how the transfer can take place.

Data from Hydra Market is as valuable as from EncroChat

Such information is worth its weight in gold for investigative authorities – and is eagerly exchanged in cooperation with international investigative authorities “, the Berlin criminal defense lawyer Ehssan Khazaeli told us on request. Similar to the decryption of the Dutch EncroChat server, hundreds of further investigations will be initiated from the information obtained. 2020 Dutch and French investigators managed to decrypt thousands of chats. Until then, EncroChat was considered the “WhatsApp of criminals”.

The knowledge gained from this was also passed on to German investigators. Since then, hardly a week has gone by without home searches and arrest warrants being executed. The Federal Court of Justice recently confirmed that the knowledge gained from EncroChat proceedings may also be used by German courts. According to the defense attorney Khazaeli, a decision by the Federal Constitutional Court is still pending.

1.8 petabytes must be evaluated promptly

That means specifically: The Hydra Market could become what EncroChat is currently. An almost endless source of data for police and authorities, which will result in countless other criminal prosecutions. No one can estimate how long it will take to evaluate the 1.8 petabytes on the hard drives of 63 different web servers. With the exception of one Hydra admin, it was not possible to unmask the identity of the remaining backers. But due to the lack of a Bitcoin wallet, they will now lack the money to build something new.

Admins from Hydra Market without earnings

In addition. It will be several years before a possible successor can have the market power of the original. 2020 the marketplace owned a share of the turnover of all illegal trading platforms from whopping 94%. Last year it was at least 78%. This is according to calculations by Chainalysis, which monitored movements on the BTC blockchain for their estimate. 2020 the Hydra Market turned over $1.6 billion.

If the use of Monero had been insisted on, no estimates of sales would have been possible. A BTC ban was probably waived due to the unbroken popularity of this cryptocurrency. However, many former buyers and sellers are now in danger of being busted too.

Hydra Market, beschlagnahmtHydra Market, beschlagnahmt

By the way, the hot lead came from the IRS, which pursues money laundering offenses in the USA, among other things. The colleague from overseas found out that the IP addresses of the servers were located in Germany. From the first contact to the bust from the Hydra Market then passed for the investigators 09 busy months. The BKA had not previously been able to find out any details because the site was only accessible via the Tor network.

Invoice not paid: Webhoster threatened to shut down

The trail then led to the East. A straw man had paid for the servers’ hosting fees using a Russian credit card. It got exciting again shortly before access because the credit card from Russia was no longer valid due to western sanctions. The web host threatened to shut down the many Hydra Market servers, including the helpful files, for lack of payment. That would have been a fiasco for the investigators so close to their goal.

Monero, KryptoHydra Market, beschlagnahmt

The employees of the ZIT Hessen and the BKA are prohibited from paying the hosting fees pay in your own pocket. They may not commit or encourage any criminal offenses, even for investigative purposes. All or nothing, they said. Russia has repeatedly threatened to cut off its part of the Internet from the rest of the world. In that case, the operators would have closed their marketplace anyway. To save time, they decide to forego investigating the operators and focus on confiscating the data and bitcoin wallets. Better that than nothing at all, one might have thought.

Article recommendation

Germany on the subject of web hosting far ahead

The reasons for the frequent use of German web hosts are obvious. Data centers in Germany often have a very good connection and are comparatively cheap. Since everything is encrypted on the servers, the operators apparently felt quite safe. Without being on site, gaining full access to the devices is complicated.

Who will inherit the Russian-speaking Hydra Market, which, however, had an international audience, remains to be seen. At the moment, the newly resurrected AlphaBay is overtaking all of its competitors. More than 340.000 registered users worldwide since the end of Hydra Market for the top spot of all Darknet marketplaces.


Lars Sobiraj started in 908 as a career changer for various computer magazines be. 908 numerous other online magazines were added in addition to gulli.com. He is the founder of Tarnkappe.info. In addition, Ghandy, as he calls himself in the scene, has been taking participants to various universities and training institutions since 2014. how the internet works.


Related Articles

Back to top button