- Someone has published the identities of two Ukrainian men who are allegedly behind the Hydra market.
- Gemini Advisory has dived deeper into the evidence and can confirm that at least one of the two is strongly linked.
- The tipster claims to have extorted the two men, but that didn’t go as planned, so he is now publishing the IDs.
There’s evidence that an anonymous individual has somehow managed to uncover the true identities of two of the Hydra dark web marketplace operators, one of the largest Russian-language drug markets. The names of the two individuals who are allegedly running the drug market are Bogdan Koliesniev and Alexander Dyriavin, belonging to two Ukrainian citizens.
The reports reached Gemini Advisory’s investigators, who assessed the information that surfaced online and now confirm the validity of the identities with moderate confidence for Koliesniev and low for Dyriavin.
In summary, there’s undeniably a link between these two and the Hydra marketplace, but it’s not certain that they belong in the operators' team. Most likely, Dyriavin has had some indirect contributions, and that was it.
Hydra has been around since 2015 and is one of the largest drug-selling platforms on the dark web, connecting hundreds of sellers with tens of thousands of buyers every day. Right now, there are 2.5 million registered accounts on the platform, and that number is growing steadily every month. The effort to identify the operators and the latest information that surfaced comes from ‘hydra.expert’, a platform devoted to the unmasking of Hydra’s heads.
On that website, we see images, email addresses, Github repos, VK profiles, telephone numbers, Twitter profiles, Facebook profiles, and YouTube channels, so the two men were exposed heavily. The leaker claims that he attempted to negotiate the purchase of that data with the Hydra project team, but they ignored him, so he decided to publish everything. Thus, the informant is not a law enforcement officer but another hacker who thought he’d make a lot of money if he could extort the Hydra operators.
Gemini’s investigators have attempted to find correlations and links between the published profiles, Telegram channels, and software repositories, and there are definitely various overlaps with the Hydra market. Considering that Koliesniev is very likely one of the perpetrators behind Hydra, the Ukrainian police should already be on their way to the man’s home. Even Dyriavin may have something useful to give to the authorities, as any information that can lead to the actual team is crucial.
All that said, it is quite likely that Hydra will go through a period of disruptions or even a total takedown, but that will really depend on how close the two identified Ukrainians are to the operating team.