“We got some hints through monitoring darknet activity from US officials. So we started in July or August last year to dig deeper and to investigate this field,” he says. Throughout Russia’s war with Ukraine, Solaris has become affiliated with pro-Kremlin cyberhacking group Killnet. Run by anonymous hacker “KillMilk”, Killnet has come to the attention of the Five Eyes Intelligence Network for its distributed denial of service (DDOS) attacks against NATO and Ukrainian cyber infrastructure. Many online shops employ enforcers, known as “sportsmen”, to find and punish kladmen with bad reviews from buyers who could not find their drugs, or those who are suspected of stealing. The poorer couriers are easily traced because those who could not afford the deposit needed to get the job have to provide an ID card. “Everyone above the age of 14 in Russia knows about kladmen and dead drops,” said a Russian lawyer specialising in the drug world.
Russian Anonymous Marketplace
Runion does not have the marketplace focus, but instead covers a wide range of darknet criminal specific topics such as Operational Security, Cryptocurrencies, Weapons, Finance and Law, Breaking and entering, Psychology, Hacking as well as Substances and Health. Example threads include in-depth technical conversations around potential Telegram hacking techniques, Dismantling and Shooting an RPG-22, and modifying smartphones for increased telecommunications security. RuTor has been an active Tor hidden service since 2015 and has quickly established itself as a reliable information resource for Russian hacking, darknet education, and project collaboration. RuTor’s landing page has several distracting advertisements at the top of the site similar to the previously popular RAMP marketplace.
This reduces the likelihood of vendors who are actually scammers or law enforcement utilizing the site for entrapment and exploitation. The dark web isn’t going away, so you need to understand the risks and take necessary precautions to stay safe online. While the deep and dark web serve legitimate purposes, they also facilitate illegal activities and create difficulties for law enforcement.
The Russian Underworld Since The Ukraine Invasion

It, however, becomes illegal when you use it for unlawful activities such as buying drugs, weapons, stolen data, or engaging in cybercrime. Many people, including journalists and researchers, access the dark web legally for work-related purposes. But this very public advertising blitz stemmed from events that took place in April 2022, when the world’s biggest ever darknet market Hydra, which made most of its money selling drugs, was shut down and its alleged mastermind Dmitry Pavlov was arrested in Moscow. Yet, like the Hydra of Greek legend, whose heads multiply when they are severed, a new generation of darknet markets popped up to challenge for control of a market worth at least $1.37 billion, according to unofficial estimates. The particularities of DNMs operating in the former Soviet Union mean there is little interplay between them and western/global darknet marketplaces. Each has different target audiences, vendors, modus operandi, and characteristics.
IV Shadow Fleet Incidents And Accidents
Earlier today, a New York man was resentenced to three years in prison for his creation and operation of BreachForums, a marketplace for cybercriminals to buy, sell, and trade hacked or… Hydra delivers drugs to buyers via “drops,” in which a delivery person hides the purchase close to a buyer and shares the geolocation of the package so it can be collected. In December 2019, Hydra announced it wanted to expand to other regions of the world and would hold a $146 million token sale. According to the Tor Metrics data in Tables 1 and 2, Russia has accounted for upward of 20% to 35% of the bridge users by country since December 2021, when Moscow tightened the dark web/VPN restrictions. However, according to the same data, over the past year, another country ripe with internal conflict and social unrest has taken over as the top country for bridge users—Iran. In terms of destinations for these vessels, there has not been much change since new trading patterns established themselves post-invasion and since the EU price cap was put into place.

There is even a how-to guide, the Kladman’s Bible, which instructs couriers in how to package and hide drugs while avoiding police and “seagulls” – specialist thieves who hunt for dead-dropped drugs. They are encouraged to take the Russian winter weather into consideration by covering telltale footprints in the snow. Accessing them may require .onion links and the Tor browser, but caution is advised due to legality and cybersecurity risks. Active for a decade since 2014, it is a widely used credit card shop used to source stolen credit card information such as dumps, CVVs, Wholesale Accounts. The Abacus Market links to the new dark web marketplace sections and took over much of the vacuum left by the AlphaBay takedown.
Largest Darknet Stolen Credit Card Site Closes

Since then, OFAC has added multiple other Russian banks and cryptocurrency exchanges accused of facilitating money laundering operations for Hydra’s “customers,” including Garantex, Bitpapa, and Netexchange. Hydra Market enabled vendors of a wide range of drugs — including heroin, other opioids, cocaine, methamphetamine and LSD — to connect with customers of those narcotics, who could rate sellers on a five-star system, according to U.S. prosecutors. Russian Market has consistently remained one of the most popular and valuable data stores on the dark web.
Russian Dark Net Markets Dominate The Global Illicit Drug Trade: Report
UNCLOS provides more significant rights to vessels traveling in countries’ exclusive economic zones (EEZs), which extend 200 nautical miles beyond the territorial waters. A country has the exclusive rights to natural resources within its EEZ as well as the exclusive rights to offshore installations there. It does not, however, have legal powers over the EEZ beyond the policing of those resources and installations. [Note 24: El-Fakir, “Retaliatory or Lawful?] Retired Rear Adm. Nils Wang, a former chief of the Danish Navy (which is also responsible for most of Denmark’s coast guard functions), told me that “the whole construct of merchant shipping rests on very significant rights of free navigation. As long as you’re in the high seas, a country’s EEZ, or the outer edge of its territorial waters, you have the right to ‘innocent passage’. That means that if you’re not doing anything harmful to the environment or the seabed, the coastal country can’t impose any sanctions on you.” [Note 25: Nils Wang (retired rear admiral, Danish Navy), in interview with the author, November 21, 2023.]

Top 7 Dark Web Marketplaces
The marketplace was taken down in 2022 by international law enforcement after its servers, located in Germany, were seized. Hydra had about 17 million customers and more than 19,000 accounts selling a variety of things, according to German authorities. The Norwegian Coastal Administration told me it has seen significant changes in traffic with crude oil tankers from Russia through the Baltic Sea. [Note 32: Email to the author, November 29, 2023.] This route originates in Russia’s Baltic ports of Saint Petersburg, Primorsk, and Kaliningrad and ends in the North Sea, from where the vessels travel to their final destinations. (The Great Belt is considered an international strait, though it’s administered by Denmark, which also provides optional pilotage.) Vessels departing Russia’s Arctic ports can also sail around Norway’s North Cape and south along the Norwegian coast. Since 2022, the tankers traveling the Baltic Sea route have grown in both size and length. [Note 34: Norwegian Coastal Administration internal report.]
- In August 2022, The New Statesman published an article about how the Russian invasion in Ukraine was “reshaping the dark web” and that “the geopolitical tensions that have changed the world are also changing the dark web” [3].
- Matveev has been linked to damaging ransomware attacks targeting critical infrastructure, government agencies, and businesses worldwide.
- Quality and validity of the data it provides justify its higher cost over other marketplaces.
- This year’s first “Friday the 13th” proved to be unlucky for some in the dark web ecosystem.
- The dark web thus removed the need to consort with Adidas-wearing gopniks (thugs). Plug not picking up their phone?
The market emphasizes anonymity and security, conducting transactions exclusively through cryptocurrencies like Bitcoin and Monero. Here’s a look at the top 10 dark web markets currently dominating this underground space. The recent sentencing of Russian cybercriminals is unusual for the country, which typically turns a blind eye to threat actors operating within its borders as long as they do not attack Russian organizations and individuals. Since 2015, Hydra Market has received about $5.2 billion in cryptocurrency for transactions on the site, reaping commissions worth millions of dollars on those sales, the DOJ said. The DOJ also charged one of Hydra Market’s alleged operators with conspiracy to distribute narcotics and conspiracy to commit money laundering.
This Russian dark web platform was used by criminals to sell drugs and launder money, and it had a turnover of $1.35 billion in 2020, 19,000 registered seller accounts, and served at least 17 million customers worldwide. Russian authorities have sentenced the leader of the criminal group behind the now-closed dark web platform Hydra Market to life in prison. Additionally, more than a dozen accomplices have been convicted for their involvement in the production and sale of nearly a ton of drugs. While the Hydra Market may be defunct, the court’s judgement sends a strong message, showing Russia’s willingness to combat large-scale cybercrime, even if it swerves from the country’s usual approach. Russian law enforcement generally turns a blind eye towards cybercrimes targeting individuals outside the country.
The market is especially well-known for providing access to freshly compromised data, often obtained from recent breaches and stealer logs. FreshTools, founded in 2019, specializes in selling stolen account credentials and data, particularly webmail, RDPs (Remote Desktop Protocols), and cPanels. The marketplace requires merchants to pay fees to sell their products, helping ensure a certain level of quality control. The DOJ said it had obtained an indictment against a resident of Russia, 30-year-old Dmitry Olegovich Pavlov, for conspiracy to distribute narcotics and conspiracy to commit money laundering, in connection with his operation and administration of the servers used to run Hydra. Administered by one who goes by Zed, Runion lists over 69,000 members, almost 20,000 topics, and over 300,000 messages posted on their forum since 2012.
As of 2020, nearly 57% of the dark web was estimated to contain illegal content, including violence and extremist platforms. The two charts below show which markets Hydra’s previous counterparties used the most in both of those two time periods. The color of the lines shows the former Hydra users’ category of activity and the thickness of the lines shows the proportion of their activity flowing to new markets after Hydra was shut down.

These white, synthetic stimulant powders that mimic cocaine and MDMA are highly prevalent in Russia, eastern Europe and the Balkans because they’re cheap and easy to manufacture locally. Darknet marketplaces are commercial websites accessed by an encrypted browser which operate on the dark web, functioning primarily as black markets for illegal activity or substances. The fact they were being advertised so publicly in Moscow was slightly bizarre. 2) DNMs operating in former Soviet countries generally employ fewer on-chain operational security measures.
Barrels Per Day (BPD) Moved Using The Dark And Gray Fleets
Russia started tightening its restrictions on VPN services like Tor and dark web usage two months before the invasion of Ukraine, in December 2021. In an article published that same month, Reuters highlighted the “crackdown,” in which the Russian government blocked access to torproject.org, a climax in a multi-year campaign of enforcing restrictions on VPNs [5]. While the top five flags for gray fleet vessels remained the same as in our last report earlier in the war, the numbers within the top five have greatly shifted. As of March 2023, the leading flag for gray fleet vessels is the Panama flag (last report, it was ranked fifth).
US Court Jails Russian Hacker 9 Years For Stock Cheating Scam

WizardShop has solidified its status as one of the best data stores in the dark web by providing an impressive quantity of quality data as well as providing a trustworthy, easy to use interface allowing criminals easy and secure buying and selling. Established in 2022, Torzon market is one of the biggest and most diverse marketplaces on the dark web. It is considered very secure thanks to strict user validations and transparent payment and vendor review procedures. STYX Market focuses specifically on financial fraud, making it a go-to destination for cybercriminals engaged in this activity. To expand their reach, some marketplaces established parallel channels on Telegram. This further complicates monitoring efforts because now you need to search for the related Telegram channels and track activity there and on the marketplace itself.
4) Russian-language DNMs seek to establish monopolies, something most western DNMs largely avoid due to the resulting pressure, attention, and risk of law enforcement action that such dominance could bring. “The customer doesn’t know the kladman drug distributor, who doesn’t know their boss, and their boss doesn’t know their supplier,” said Niko Vorobyov, the Russian-born author of a book about the global drug trade. In April 2022, the German federal police, acting on information from their American colleagues, seized the servers hosting Hydra, replacing its banner with their logo and retrieving $25 million in Bitcoin. At first, buyers hoped the platform would be resurrected and reappear in some form. Hand-to-hand sales enjoyed a brief revival, but more so in small towns and rural areas. Solaris users attempting to access the market on January 13th were met with a redirect to Kraken, with a notice announcing that it had successfully taken over Solaris’ cyber infrastructure, GitLab repository and project sources.
It has an active forum and community along with an extensive user vetting process. It was the first big site where people could anonymously buy drugs using Bitcoin, and it gained a lot of attention, until it was shut down by the FBI in 2013. Four of the top five highest-earning darknet markets in 2022 were conventional, drug-focused darknet markets, while just one, Brian Dumps, was a fraud shop. With the events unfolding across Europe or in the Middle East, the dark web remains an essential component to empower internet freedom for those engulfed in the turmoil.