Global Law Enforcement Wins: Germany Shuts Down Hydra, US Treasury Department Enforces Sanctions | Robinson+Cole Data Privacy + Security Insider


In a victory for global law enforcement, Germany’s Bundeskriminalamt (BKA) announced on April 5, 2022 that it had officially taken down the infrastructure of Hydra, an illegal dark web market based in Russia that allegedly facilitated more over $5 billion in Bitcoin Transactions since its inception in 2015. During the shutdown process, German authorities seized over $25 million in Bitcoin through 88 transactions. According to BKAit “secured the server infrastructure in Germany of the world’s largest illegal Darknet market, ‘Hydra Market'”.

BKA attributed the takedown to a collaborative investigation between its Central Cybercrime Bureau and US law enforcement authorities since August 2021.

According to BKA, Hydra had 17 million customers and more than 19,000 registered seller accounts on its marketplace, and “was probably the illegal marketplace with the highest turnover in the world.”

Following the dismantling in Germany, the Office for Foreign Assets Control (OFAC) of the United States Department of the Treasury (Treasury) followed up with punishments against Hydra, which Treasury Secretary Janet Yellen said is sending “a message today to criminals that you can’t hide on the darknet or their forums, and you can’t hide in Russia or anywhere else in the world”.

The statement from the Treasury states: “Fighting ransomware is a top priority of the administration. Today’s action supports the administration’s anti-ransomware lines of effort to disrupt ransomware infrastructure and actors in close coordination with international partners” and calls Russia a “haven for cybercriminals” .

Therefore, Hydra was named by OFAC “to be responsible for or complicit in, or to have engaged in, directly or indirectly, cyber activities originating from, or directed by persons located, in whole or in large part, outside the United States that are reasonably likely to cause or have materially contributed to a significant threat to the national security, foreign policy, economic health, or financial stability of the United States and which have as their purpose or effect of causing a material misappropriation of funds or resources, trade secrets, personal identifiers or financial information for commercial or competitive advantage or private financial gain”.

The Treasury further sanctioned virtual currency exchange Garantex, which is located in Estonia but operates in Moscow and St. Petersburg, Russia. According to the Treasury, more than $100 million in transactions on the exchange were associated with “illegal actors and darknet markets”, including Conti and Hydra.

Consequently, the Treasury designated Garantex “for having operated or operated in the financial services sector of the economy of the Russian Federation”, which “reinforces the recent public guidelines of OFAC aimed at further reducing the possibilities of potential circumvention of sanctions by Russia, in support of the G7 leaders’ commitment to maintaining the effectiveness of economic measures.

These actions by the Treasury Department send a strong message to cybercriminals that sanctions related to the war in Ukraine are rapidly prompting closer scrutiny and action by law enforcement against anyone associated with Putin or Russia.

To learn more about what these sanctions mean for U.S. individuals and businesses, click here.


Comments are closed.