A Ukrainian man living in the United States allegedly hacked into a large drug market on the Russian dark web and diverted some of its cryptocurrency proceeds. The man says he donated the digital money taken from the illegal website to an organization providing humanitarian aid in his war-torn country.
Wisconsin resident with Ukrainian roots hacks Russian Solaris Dark Web Marketplace
Alex Holden, a Ukrainian-born cyberespionage expert who moved from Kiev in the 1980s as a teenager and now lives in Mequon, Wisconsin, claims to have hacked Solaris, one of Russia’s largest online drug markets, Forbes said in a report.
Supported by his Hold Security team, he was able to get his hands on some of the bitcoins sent to dealers and darknet site owners. The cryptocurrency, worth over $25,000, was later transferred to Enjoying Life, a charitable foundation based in the Ukrainian capital.
Without disclosing exactly how he did it, Alex Holden explained that he took control of much of the Internet infrastructure behind Solaris, including some administrator accounts, and obtained the website’s source code, a database, and data on its users and drop-off points for drug shipments.
For some time, the Ukrainian and his colleagues also had access to the “main wallet” of the marketplace. It was used by buyers and merchants to deposit and withdraw money and served as the platform’s cryptocurrency exchange, the article details.
Given the rapid turnover, the wallet rarely had more than 3 BTC at a time. Holden managed to acquire 1.6 BTC and send it to Enjoying Life. Hold Security donated another $8,000 to the charity, which helps people affected by war in Ukraine.
Solaris is linked to the “patriotic” Russian hacker collective Killnet
The Solaris darknet market is suspected of having links to the hacker collective Killnet, which, after the invasion launched by Moscow at the end of February, became one of the “patriotic” hacker groups from Russia and vowed to attack Ukrainians and their supporters.
Killnet has also carried out a number of attacks in the US, including on the websites of airport and state authorities as well as the National Geospatial-Intelligence Agency. It allegedly targeted the Eurovision Song Contest, the Estonian government and Italy’s National Institute of Health.
The group has also been accused of targeting Rutor, Solaris’ main rival, which became Russia’s main underground drug market after Hydra shut down last spring. According to US cyber security firm Zerofox, Solaris paid Killnet for DDoS services.
Besides the battlefield, Russia and Ukraine have also clashed in the online space, where the Kyiv government is recruiting experts for its own cyber force. This special unit was tasked with identifying and preventing Russian attacks, but also with responding to them.
Attacks like those against Russia’s largest bank, Sber, and the Moscow Stock Exchange have been attributed to Ukraine’s cyber army. Social media accounts associated with the hacktivist collective Anonymous have claimed responsibility for many other attacks.