Dark web marketplace (DWM) Hydra has processed nearly $3.2 billion in crypto since 2015, found cybersecurity firm Flashpoint and blockchain analytics crew Chainalysis.
Transaction volume on popular Russian-language DWM has jumped 624% since 2018 — rising to over $1.3 billion in 2020.
According to the joint report from the New York-based firms, Hydra’s buyers and sellers mainly use cryptocurrency exchanges to fund and withdraw from their accounts.
Flashpoint and Chainalysis didn’t reveal which crypto exchanges Hydra users favor, however they classed most as “high-risk” platforms.
By their definition, a high-risk exchange has little or no compliance programs such as Know Your Customer (KYC) processes.
- 37% of cryptocurrency sent from Hydra go to cryptocurrency exchanges.
- 31% end up at “risky services,” like exchanges with lax compliance, crypto mixers, and gambling services.
- 11% are sent to crypto wallets linked to cybercriminals and other illicit online activities.
Still, the analytics units followed millions of dollars in crypto from Hydra to “one of the top mainstream cryptocurrency exchanges on the market today.”
The largest deposit address — leveraged by Hydra users to withdraw funds — has fielded more than $7 million in crypto across 1,000 transfers.
Other prominent mainstream crypto exchanges have facilitated similar activity and volume, according to the report.
“Chainalysis research suggests that many of the larger deposit addresses are likely linked to services used to hide the trail of cryptocurrency such as Over-The-Counter (OTC) brokers.”
Strict Hydra rules hide crypto criminality
Flashpoint found that since July 2018, Hydra buyers and sellers have had to live with changing platform rules.
The rules were apparently designed to render the financial trail “meaningfully impaired.”
- Buyers were prevented from withdrawing crypto.
- Sellers must complete 50 transactions and maintain a $10,000 balance before they can withdraw.
- Withdrawals need to be first converted it into Russian rubles.
In fact, a new occupation in online drug-selling has emerged to skirt increased security measures and identity requirements on crypto exchanges — a technique dubbed “buried treasure.”
According to Chainalysis and Flashpoint, so-called “kladsmen” can earn $400 per day working as middlemen for sites like Hydra.
First, buyers bury fiat cash in a pre-arranged location. The seller later digs it up and buries the product (in this case drugs) for the buyer to collect — or ships them out as usual.
In any case, Hydra has so far evaded legal strife encountered by competitor DWMs like Joker’s Stash, Verified, and Maza.
Those platforms have either faced attacks from other cybercriminals or been dismantled by law enforcement.
“This may be a mere coincidence, or it could indicate that Hydra is more resilient to oscillating geopolitics and law enforcement efforts,” wrote Chainalysis and Flashpoint (our emphasis).
“The longer Hydra operates without major disruption, the more realistic the latter option becomes, with regional financially incentivized stakeholders the only plausible explanation.”