Online markets selling drugs and other illegal substances on the dark web have started to use custom Android apps for increased privacy and to evade law enforcement.
Besides ordering, these apps allow shop clients to communicate with drug vendors and provide specific courier instructions for delivery.
This new trend has been observed by analysts at Resecurity around the beginning of the third quarter of 2022. It is thought to be a response to last year’s high-profile darknet market crackdowns, most notably that of Hydra Market.
Hydra was the leader in drug sales, having 19,000 registered sellers and 17 million customers worldwide. In April 2022, the German authorities confiscated its servers, creating a vacuum in the field.
Drug dealers moving to Android
As Resecurity reports today, several small players attempted to take advantage of Hydra’s sudden demise and snatch parts of Hydra’s orphaned user base.
Seven notable examples that released Android app APKs for customers to use to access their shops and services are:
- Yakudza
- TomFord24
- 24Deluxe
- PNTS32
- Flakka24
- 24Cana
- MapSTGK
All seven of the above use the same M-Club CMS engine to build their APKs, so they likely used the same developer services.
“Some of these mobile apps have been recently observed by our experts on seized mobile devices by law enforcement – they belong to several suspects involved in drug trafficking and other illegal operations,” warned Resecurity.
“The mobile apps provide the ability to transfer details about successful drug orders, and they can also send geographical coordinates of the “package” left by the courier for further pick-up,” explains Resecurity in the report.
“Such information is transmitted in the form of an image to prevent possible indexing. […] notes may contain details how deep the “package” has been hidden under the ground or any other information to find it.”
When this information exchange happens on several different applications, it creates fragmentation and stretches the ability of law enforcement to track everything and proceed to arrests.
Resecurity believes most new marketplaces to be launched in 2023 will feature an Android app, gradually replacing privacy-risking forums and open market platforms.
New big players
The most prominent drug market platforms have not bothered adopting the Android app trend yet and instead focus on the new fight for supremacy in the field, which might give one of them a monopoly similar to what Hydra has achieved.
According to Resecurity, those who benefited the most from Hydra’s shutdown were RuTor, WayAway, Legalizer, OMG!, Solaris, and Nemesis.
Over the past summer, these markets collectively welcomed 795,000 new users.
With no clear market leader right now and the reputation of all platforms (and vendors) being volatile, this is a risky period for people who purchase counterfeit substances, low-quality ingredients, or something different from what they ordered, ultimately being extremely dangerous.