• 목록
• 답변
• 글쓰기
• 게시판 리스트 옵션
  • 수정
  • 삭제

2022 saw a decline in revenue from the previous year for darknet markets and fraud mega darknetmega darknet market retailers. Total darknet market revenue for 2022 ended at $1.5 billion, down from $3.1 billion in 2021.

Four of the top five highest-earning darknet markets in 2022 had been typical, drug-centered darknet markets, whereas only one, Brian Dumps, was a fraud shop.

Hydra Market led the best way once once more as the highest-earning darknet market in 2022, even though it was sanctioned by OFAC and shut down in a joint U.S.-German operation in April - no other market beat the revenue lead it built up in these 4 months. As we’ll discover later, the three next-highest incomes markets of the 12 months - Mega Darknet Market, Blacksprut Market, and OMG!OMG! Market - all gained their preliminary market share in the wake of Hydra’s collapse, with on-chain knowledge suggesting these markets made concerted efforts to attract former Hydra customers and vendors.

Hydra’s closure prompted a sector-wide decline in darknet market revenues, with common day by day income for all markets falling from $4.2 million simply prior to its closure and to $447,000 immediately after. While drug markets’ collective income hasn’t recovered totally, it climbed slowly again towards previous levels in the second half of 2022. Fraud outlets, nevertheless, have continued to decline.

Fraud outlets are a singular section of darknet markets that promote stolen knowledge such as compromised credit card information and different forms of personally identifying information (PII) that can be utilized for fraudulent exercise. This decline was triggered partly by the closure of distinguished fraud shops like Bypass Shop, which was shut down in March. Brian Dumps, the most important overall fraud shop for the yr, also appears to have suffered a disruption as its income fell virtually to zero in October, though it’s unclear precisely why.

While darknet markets have largely recovered after Hydra’s closure and fraud shops have not, single vendor outlets showed a unique sample. Single vendor outlets are standalone retailers set up by particular person drug distributors who've sometimes gathered a large buyer base on a bigger, traditional darknet market. Setting up a single vendor shop permits these distributors to save lots of on charges that may ordinarily go to the administrators of a standard darknet market.

Throughout 2022, we observed a adverse relationship between funds sent to common darknet markets and those despatched to single vendor outlets. As an example, we see single vendor shop income spike starting around March, around the identical time conventional darknet market revenue began to fall. Similarly, single vendor store revenue fell concurrently with the restoration of traditional darknet markets from around June by way of finish of yr.

The battle for market dominance, submit-Hydra takedown

Before law enforcement companies shut down Hydra, it was the biggest darknet market on this planet. Previous to its demise, Hydra Marketplace captured 93.3% of all financial value acquired in the 2022 darknet market ecosystem. The Russia-primarily based darknet market enabled drug gross sales and provided cybercriminals money laundering services. Within the wake of Hydra’s collapse, several markets gained income, however three in particular dominated: Blacksprut, OMG!OMG! Market, and Mega Darknet Market. Interestingly, each of the three led the market at completely different times, although OMG’s period of dominance instantly following Hydra’s collapse was the strongest any of the three ever had.

Through most of April and may, OMG captured effectively over 50% of complete market share, reaching a peak of 65.2% on April 23, and operated nearly unchallenged by competition, indicating its potential as a Hydra successor. In June, OMG suffered a distributed denial of service (DDoS) assault, which seemingly brought on vendors and prospects to migrate to Mega Darknet Market and Blacksprut Market around that time. Similarly, Blacksprut was hacked in late November, which coincides with its decline from its peak revenue share of 68.5% a few weeks prior. Given the illicit nature of darknet markets, it’s unsurprising that vendors and customers would seek to depart a market that has suffered an information breach.

How drug consumers and illicit users migrated from Hydra to other darknet markets

If we dig deeper into how Hydra’s three major successor markets jockeyed for position following Hydra’s shutdown, we find that capturing the particular clients who previously relied on Hydra - each retail market prospects and illicit users of Hydra’s money laundering services - was crucial to the battle. We can investigate this by using on-chain information to take a look at the place former Hydra users migrated after the market was closed. For this evaluation, we’ll break up the remainder of 2022 after the April 5 Hydra shutdown into two time durations:

OMG dominance: The 50 day-period instantly after Hydra’s shutdown when OMG captured near 100% of darknet market share.

Post-OMG dominance: The remainder of 2022, when OMG became one in all three sizable markets alongside Blacksprut and Mega.

The two charts under present which markets Hydra’s previous counterparties used the most in both of those two time durations. The color of the strains present the previous Hydra users’ category of activity and the thickness of the traces show the proportion of their exercise flowing to new markets after Hydra was shut down.

Like the overwhelming majority of all darknet market users, former Hydra counterparties throughout all categories - both retail drug buyers and criminal customers - transacted nearly completely with OMG during the OMG dominance period. Within the post-OMG dominance interval, OMG retained a number of those former Hydra counterparties, however misplaced a big share of their illicit activity to the opposite two markets throughout all categories.

There are two main takeaways from this: first, signs level to those three markets having launched crypto money laundering providers similar to what Hydra provided, which might explain why so many of Hydra’s criminal customers migrated to those markets. The second takeaway is just how dominant OMG was amongst Hydra’s counterparties instantly following Hydra’s closure. This is very interesting given the connections between OMG and Hydra that we’ll explore later.

There may be direct proof that two of the three markets in question offer cash laundering services. In early January 2023, Blacksprut vendor RedBull Exchange made a post titled "Transfer from platform" that stated users might withdraw Bitcoin with a 4% fixed fee payment and that funds would immediately transfer to their non-public wallets without going by way of any varieties of "checks or cleanings." The picture below exhibits a Blacksprut overview site indicating that the service affords inner exchanges for shifting funds off market, and also recommending the Russia-based mostly BestChange change aggregator service ought to those fail.

Similar posts on Mega Darknet Market affirm it provides these providers, too. We don’t yet have affirmation of OMG offering money laundering companies, however once more, the on-chain knowledge suggests it probably does.

OMG, Blacksprut, and Mega Darknet markets show potential vendor and admin overlap with Hydra

Advertised as "the most advanced darknet market ever," OMG primarily gives illegal medicine, but in addition affords merchandise like hacking utilities, banking info, and extra. The market has a peculiar historical past. It first turned energetic in early July 2020, with deposit volumes so low it appeared to be much less of a darknet market and more a private operation. However, nearly as soon as Hydra shut down, OMG started seeing excessive inflows for the first time, more than half of which came from Hydra counterparties.

Blockchain evaluation also reveals that several Hydra vendors migrated to OMG following Hydra’s shutdown. The Chainalysis Reactor graph under reveals a number of personal wallets associated with known Hydra vendors subsequently transacting with OMG.

The migration of vendors, plus the timing and supply of OMG’s initial income means that Hydra administrators could have been concerned with the event of OMG. Additionally, the 2 markets show sure operational similarities. As an example, Hydra was distinctive from its competitors in that it offered location-based mostly courier providers. Upon account creation, the user would select their location and arrange "dead-drop"-style exchanges from vendor to purchaser. Upon sale, the vendor would ship the purchaser geographic coordinates and an image of the place their well-hidden purchase could possibly be discovered. OMG provides this same service, too.

Further blockchain analysis reveals an much more fascinating connection: OMG’s central wallets ship excessive volumes of cryptocurrency to the same group of deposit addresses at a excessive-risk exchange with a heavy presence in Russia. The overlap in deposit deal with usage means that those deposit addresses may be managed by the identical individuals, which might counsel further vendor overlap or probably even administrator overlap.

Both Blacksprut and Mega have also despatched funds to deposit addresses on this alternate used previously by Hydra, however none as a lot as OMG. We can see this on the chart beneath, which exhibits the entire quantity sent by each market to shared deposit addresses.

We don’t have definitive proof confirming that any of OMG’s creators or administrators have been formally related to Hydra. However, the deposit tackle overlap and instantaneous mass migration of Hydra users to OMG following Hydra’s shutdown means that it’s certainly possible.

The 2023 Crypto Crime Report

Available now!

This material is for informational purposes only, and isn't supposed to supply legal, tax, monetary, or investment recommendation. Recipients should consult their very own advisors before making a majority of these decisions. Chainalysis has no accountability or liability for any choice made or any other acts or omissions in connection with Recipient’s use of this material.