On December 11 the following breaking news hit the Russian darknet community:
“German law enforcements spotted the largest darknet market connected with drug trafficking in countries of former Commonwealth of Independent States. It was a result of well-coordinated operation carried out by the Administration C* and German police. Special forces act promptly and at the moment analyze information stored on the market’s computers.”
*a unit of Ministry of Internal Affairs of Russian Federation
With this photo attached:
It is not a secret for anyone that the reported “largest Russian DNM” is Hydra and the post is about its seizure. The news was published on several Russian drug forums and social networks and of course turned primarily drug dealers into panic. Shortly afterwards, it was found out that the message is nothing but a fake. And besides quite a low-quality fake.
The text of the news contains a link to the original source; however, by clicking it only becomes a blank webpage.
Furthermore there was no information about DNM bust on the official website of the Bavarian police. But the photo attached to the news was found on the police account on Twitter depicting the arrest of a bank robber occurred on September 4 and was not related to the market at all!
Search engines also failed to find news about Hydra seizure.
December 13 Hydra admins posted a statement on the official Telegram channel and put an end to rumors. The news was called a fake, an attempt to jeopardize the market’s reputation. Admins say that all the valid information about the market can be found on their forum or Telegram channel and advice to avoid unverified resources.
Not long time ago Hydra “stopped the timers”. On December 9, the following statement was posted on the official channel:
“Dear friends, guests and long-time Hydra users! We have just stopped all the timers. The decision to take this measure is connected with an unstable work of the market caused by DDoS attacks. Pre Orders, orders, disputes, rent payment are temporarily frozen. No need to worry. The situation is under control. Please, wait till the server operation is fully restored.”
It raised questions about the future of leading DNM.
However, the administration calmed people down, saying that the servers experience a powerful DDoS attack, but the case is not critical and they will withstand as did before, during even more severe attacks.
Hydra blames competitors and promises to strike back. But it is not known who exactly will be the target of counterattack. Is the major war is about to start? Hydra versus all Russian DNMs?
Let us try to find out who could have ordered abovementioned actions against Hydra.
Currently there are only 3 DNMs able to compete:
Two of them (Paradise and Matanga) have been offline for several days already, possibly as a result of Hydra’s countermeasures. Paradise market, established in July 2017, has not grown much since that time. According to the admin’s words it “works at a loss, income covers only about 20% of expenses”. As we all know, a DDoS attack is not a free-of-charge service, costs money, which (if we believe his words) Paradise does not have. Furthermore, the rumors spread that the market has exit scammed.
Matanga is not a reputable market, with little income which makes it unlikely to be a DDoS attacks’ initiator. Besides, in case Hydra is defeated, Matanga has zero chances to become the leader of Russian DNMs.
After this brief analysis we come to the conclusion that only Blackmart could be responsible for the assault on Hydra. Blackmart was established by the admins of drug forum RuTor. It has grown fastly to become the second largest market and proven to be the only one immune to DDoS attacks. Its admin declared on the forum that “they are not afraid of Hydra or anyone else”.
We should not ignore the possibility that Russian LEAs are responsible for DDoS. As some of you might know Hydra’s activity has become too obvious for Russian society. It is a result of an advertising campaign, very brazen in many ways. Take, for example, ads on YouTube promoting the market. In Russia, when you say the “darknet market”, everyone recalls Hydra and ordinarily nothing else. That is why we come to logical assumption that the government might have ordered law enforcement agencies to put an end to this outrage.