DOJ charges Russian national with operating world’s ‘largest darknet market’
Image: US Justice Department
Jonathan Greig April 6, 2022

DOJ charges Russian national with operating world’s ‘largest darknet market’

DOJ charges Russian national with operating world’s ‘largest darknet market’

The US Justice Department on Tuesday filed charges against Dmitry Olegovich Pavlov, a 30-year-old Russian national accused of a range of crimes connected to “his operation and administration of the servers used to run” Russian dark web marketplace Hydra.

The announcement came shortly after German authorities said they shut down some of Hydra’s operations in a raid that saw police seize more than $25 million worth of Bitcoin. 

According to the DOJ, Pavlov ran a company called Promservice Ltd. – also known as All Wheel Drive and 4x4host.ru – that helped keep Hydra running. 

“During that time, Pavlov, through his company Promservice, administered Hydra’s servers, which allowed the market to operate as a platform used by thousands of drug dealers and other unlawful vendors to distribute large quantities of illegal drugs and other illicit goods and services to thousands of buyers, and to launder billions of dollars derived from these unlawful transactions,” the DOJ explained.  

“As an active administrator in hosting Hydra’s servers, Pavlov allegedly conspired with the other operators of Hydra to further the site’s success by providing the critical infrastructure that allowed Hydra to operate and thrive in a competitive darknet market environment. In doing so, Pavlov is alleged to have facilitated Hydra’s activities and allowed Hydra to reap commissions worth millions of dollars generated from the illicit sales conducted through the site.”

The charges come after The Bundeskriminalamt (BKA), Germany’s Federal Criminal Police Office, and the Frankfurt Public Prosecutor’s office for combating cybercrime said they worked with US officials on the investigation that led to Tuesday’s raid.

The DOJ confirmed the cooperation in a release on Wednesday, noting that in 2021 alone, Hydra accounted for an estimated 80% of all darknet market-related cryptocurrency transactions. 

The marketplace has brought in an estimated $5.2 billion in cryptocurrency since 2015, according to the Justice Department.

Worlds largest darknet market

Attorney General Merrick Garland called Hydra the world’s “largest darknet market” but noted their work “is far from over.” The Justice Department said in legal filings that vendors on Hydra sold cocaine, heroin, methamphetamine, LSD, and other opioids.

US officials explained that in addition to the sale and purchase of illicit drugs, Hydra was used to buy stolen financial information and fraudulent identification documents. The platform gave people access to money laundering and mixing services, with Hydra’s operators charging commissions for each transaction.

Several vendors offered a range of identification documents including customizable US passports and drivers’ licenses.

Hydra was also a place where people could buy and sell hacking tools as well as gain access to a range of online account information. 

“Hydra’s money laundering features were so in-demand that some users would set up shell vendor accounts for the express purpose of running money through Hydra’s bitcoin wallets as a laundering technique,” the DOJ said.

Users of the platform could give vendors a 1-5 rating and reviews based on their products.

The Justice Department said it worked with the FBI, the Drug Enforcement Administration, the IRS, the US Postal Inspection Service and the Homeland Security Investigations on the investigation. 

David Carlisle, director of policy and regulatory affairs at blockchain analysis firm Elliptic, noted that the US Treasury Department also sanctioned Hydra and Estonia-based crypto exchange Garantex this week. 

“Both entities were involved in facilitating tens of millions of dollars worth of ransomware proceeds on behalf of Russian cybercriminals. This action demonstrates that the US government remains laser focused on disrupting the Russia-linked ransomware ecosystem,” Carlisle said.  

“While Hyrda was taken down by German law enforcement today, by sanctioning Hydra, OFAC is making sure that individuals associated with Hydra do not attempt to cash out any funds they continue to hold onto through US-based crypto exchanges.”

Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.