Solaris Market, a large darknet drug marketplace, has reportedly been hacked by its much smaller rival, the recently-launched Russian language drug marketplace known as Kraken (not affiliated with the legitimate crypto exchange of the same name).
Solaris is a relatively new Russian darknet drug market believed to be the successor to the now-defunct Hydra Market, the world's largest and oldest darknet marketplace that sold various illicit goods and services like illegal drugs, stolen financial information, fraudulent identification documents, BTC cash-out services, and SSH/VPN services, etc.
Solaris has been reportedly affiliated with Killnet, a pro-Kremlin hacktivist group known for its attacks on government institutions and private companies in several countries during the 2022 Russian invasion of Ukraine. According to a recent report from cybersecurity firm Hold Security, in his October 2022 interview with a Russian publication RT, KillMilk, the founder of Killnet, publicly thanked the Solaris group for their “huge support”.
Blockchain analytics company Elliptic reported on Tuesday that users who attempted to access Solaris after January 13 were redirected to the Kraken marketplace, which claimed to have successfully taken over Solaris’ infrastructure, GitLab repository and project source code, thanks to “several huge bugs in the code”.
The Kraken team, which is also believed to be pro-Kremlin, said that it took them three days to steal the clear text passwords and keys stored in Solaris' servers and disable their rival's Bitcoin server. Elliptic has confirmed there has been no movement in Solaris-affiliated bitcoin addresses since January 13.
Kraken said that the Solaris hack was “a response to aggression in our direction” and that “the same applies to others.”
Neither Solaris, nor Killnet have yet to comment.