dark-web-revenue-down-dramatically-after-hydra's-demise

Share news article

Share on facebook
Share on twitter
Share on linkedin
Share on email

Dark Web Revenue Down Dramatically After Hydra's Demise

During the first few months of 2022, business was booming at Hydra Marketplace, the premiere Dark Web destination for cybercrime money laundering and selling narcotics and other illegal goods and services.

In fact, until its takedown in April 2022, Hydra owned a full 93% of all illicit underground economic activities.

Here’s how massive Hydra’s presence was on the Dark Web: In the days leading up to Hydra’s takedown, the average daily revenue for all underground markets was about $4.2 million. That number fell to just $447,000 after Hydra disappeared, according to new data released by Chainalysis.

Year-over-year, Dark Web marketplace revenues at the end of 2021 were about $3.1 billion, but by the end of 2022 they totaled only about $1.5 billion.

Hydra Takedown Leaves Void

Fast forward 10 months after the demise of Russian-based Hydra, and the Dark Web marketplace ecosystem is still struggling to recover. Namely, it’s been tough to replicate or replace Hydra’s money-laundering services for cybercriminals.

Out of the rubble of the demolished Hydra Marketplace, three early contenders for biggest player emerged: OMG!OMG! Market, Blacksprut, and Mega Darknet Market, according to Chainalysis’ research.

Early on, OMG was the frontrunner, peaking at just over 65% of the underground market business, but a June distributed denial-of-service (DDoS) attack on OMG drove users to competitors Mega Darknet Market and Blacksprut Market, according to Chainalysis.

So far, no other marketplace has been able to dominate the Dark Web market like Hydra did in its heyday.

Fraud Services Falter Post-Hydra

Four of the top five most successful darknet markets focused on illicit substance sales. The fifth, a platform called “Brian Dumps,” is the only one among the top underground marketplaces dealing in stolen credit card and other personally identifying information (PII), a business model Chainalysis calls a “fraud shop.”

Bypass Shop, another similar fraud shop, was shuttered by Russian authorities last March, the report said. Brian Dumps appears to have also suffered some disruption last October, dropping its revenues for that month to zero, according to Chainalysis. But the reason behind the issue remains unclear.

A New Mission

Mounting struggles in the darknet ecosystem present an enormous opportunity to absorb Hydra’s user base and reign the underground supreme. But the key to attracting users to these platforms is providing cryptocurrency and fiat currency-laundering services, the research shows.

All three top markets, Mega Darknet, Blacksprut, and OMG, show signs they have started offering cryptocurrency money-laundering services to lure in Hydra users, according to Chainalysis. There is also some evidence of collaboration between the platforms, the report pointed out.

Early after Hydra’s closure, OMG’s market share of business exploded because it offered money-laundering services, says Eric Jardine, cybercrimes research lead at Chainalysis. That business shifted to Mega Darknet once it was able to spin up similar services.

New Cybercrime Business Opportunity

Dark Web marketplaces are evolving into financial services providers for cybercriminals, Jardine says.

With Hydra and the evolution of money-laundering services as a feature of the darknet market ecosystem, a number of new financial motivations come into play,” Jardine says. “Previous markets, such as Silk Road, largely connected buyers and sellers of drugs, but providing money laundering and fiat currency off-ramp services to cybercriminals ties darknet markets more to the ebb and flow of ransomware and cybercrime than had previously been the case.”

As these platforms continue to provide digital asset services, cybercriminals will be motivated to commit more digital asset-based cybercrimes, says Karl Steinkamp, with cybersecurity advisory firm Coalfire.

Related News

Ferrari Discloses Ransomware Attack; Refuses to Pay Ransom

Ferrari Discloses Ransomware Attack; Refuses to Pay Ransom

Ferrari, the renowned Italian luxury car manufacturer, suffered a cyber incident that compromised the company‚Äôs client data. According to a…
ChatGPT Bug Exposes Conversation History Titles

ChatGPT Bug Exposes Conversation History Titles

A ChatGPT user on Reddit first reported the bug after noticing Chinese language characters in the title of their conversation…
Breach Forums to Remain Offline Permanently

Breach Forums to Remain Offline Permanently

The decision to shut down the Breach Forums came after the admin noticed someone had logged into an old forum…