Treasury Sanctions World’s Largest Darknet Market and Virtual Currency Exchange
OFAC sanctioned the "darknet" market, Hydra Market ("Hydra") and the ransomware-enabling virtual currency exchange, Garantex. Hydra was designated pursuant to E.O. 13694, ("Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities") as amended, for engaging in cyber-enabled activities that are reasonably likely to result in a significant threat to the national security, foreign policy, or economic health or financial stability of the United States; Garantax was designated pursuant to E.O. 14024 ("Blocking Property With Respect To Specified Harmful Foreign Activities of the Government of the Russian Federation") for operating in the financial services sector of the Russian Federation economy.
Treasury stated that the sanctions were part of a coordinated global effort to "disrupt proliferation of malicious cybercrime services, dangerous drugs, and other illegal offerings available through the Russia-based site." The initiative included the Department of Justice, Federal Bureau of Investigation, Drug Enforcement Administration, Internal Revenue Service Criminal Investigation, and Homeland Security Investigations. The sanctions were intended to (i) support the United States' counter-ransomware effort by addressing the illicit use of virtual currency to launder ransom payments and (ii) build upon recent sanctions against virtual currency exchanges operating out of Russia.
Treasury stated that Hydra was "the most prominent Russian darknet market, and the largest darknet market left in the world." In its investigation, OFAC uncovered about $8 million in ransomware proceeds that implicated Hydra’s virtual currency accounts. In addition, OFAC identified over 100 virtual currency addresses associated with the market that had been used to conduct illicit transactions. In investigating the virtual currency exchange Garantex, Treasury found over $100 million in transactions associated with illicit actors and darknet markets, including $6 million associated with a Russian gang. OFAC added both Hydra and Garantex to its SDN list pursuant to Executive Orders covering malicious cyber-enabled activities and continued Russian Federation aggression, respectively.