Anatoly Legkodymov burned “Hydra”

Russian citizen arrested in US Anatoly Legodimov, who uses the nicknames Tolik and Gandalf. The investigation believes that the once largest darknet drug market in the world was laundering money through its Bitzlato crypto exchange. Hydra.

One of the founders of the Bitzlato crypto exchange, 40-year-old Russian citizen Anatoly Legodimov, also known by the nicknames Tolik and Gandalf, was arrested in Miami on charges of money laundering, according to US Department of Justice website. The Hong Kong-registered Bitzlato operated in the US without the required license and processed more than $700 million in illegal transactions, according to the agency.

Gandalf is an archetypal wise wizard, one of the central characters in John Tolkien’s novel The Lord of the Rings.

In Miami today, January 18, 40-year-old Russian Anatoly Legkodymov was detained. If found guilty, Anatoly Legkodymov faces up to five years in prison.
Bitzlato is based in China. Anatoly Legkodymov lived in China, but flew to the United States for a while, where he was detained. US Deputy Attorney General Lisa Monaco said the Justice Department worked with “key partners” to detain Mr. Legkodymov. According to the US Department of Justice, the crypto exchange allowed criminals to process more than $700 million of funds, and the crypto exchange received more than $15 million through ransomware. The largest counterparty of Bitzlato, according to a press release from the Ministry of Justice, was the Russian darknet market Hydra.
According to the US Department of Justice, Bitzlato does not require reliable identification from customers – photos or passports. When users were required to provide any documents, Bitzlato allowed the use of information from “front men”. In this regard, funds intended for criminal activities were kept on the company’s accounts, according to a press release from the agency. As stated in the message of the US Department of Justice, colleagues of Anatoly Legkodymov repeatedly warned him that users of the crypto exchange were drug users. At the same time, one of Bitzlato’s managers said that it was only nominally necessary to fight the drug trade in order not to lose profits, and Anatoly Legkodymov himself called the users of the exchange “known scammers,” the report says.

The story of the smashed Bizlato crypto exchange and its owner, Russian citizen Anatoly Legkodymov, who was arrested for money laundering, is reminiscent of a bad joke. Legkodymov, who was hiding in China, suddenly travels to the United States (!), whose authorities openly declared a hunt for the owners of Russian cryptocurrency sites long before the start of the war. It can be seen from the indictment that at the entrance to the United States, Legkodymov’s gadgets were checked by a US customs control inspector, who revealed that Legkodymov, using his (!) gadget, connected to the administrative server of the Bizlato crypto exchange. An American customs officer, having gained access to Legkodymov’s gadget (!), discovered several Bizlato managerial chats in it. As usual, the persecution of Legkodymov in the United States became possible due to the cross-border nature of operations with cryptoassets. This time the FBI put together a combo: the following were recorded:
a) the US dollar, which was used as a means of money laundering on a crypto exchange;
b) American ip addresses were used for transactions, from which the accounts on the exchange were logged in and transactions were carried out;
c) the readiness of the exchange to provide support to clients from the USA was confirmed;
d) the administration and management of the exchange was organized by Legkodymov directly from the USA.
Since Legkodymov will definitely not be extradited to Russia, but he has sensitive information about the clients of the crypto exchange in Moscow (office in the Federation Tower), his arrest in the United States may lead to unexpected investigations in the near future.

“Bitzlato interacted with criminals and sold them cryptocurrencies without question, resulting in hundreds of millions of dollars in deposits. defendant [Легодимов] is now paying the price for the detrimental role his company has played in the cryptocurrency ecosystem.” Breon Peace, Attorney for the Eastern District of New York, said.

The assistant prosecutor during the hearing noted that Legodimov was involved in the management of the cryptocurrency exchange, which “allowed criminals to profit from their offenses, including ransomware and drug trafficking.”

“Today, the Department of Justice dealt a major blow to the cryptocrime ecosystem.” he stressed.

The case file also says that Bitzlato’s largest counterparty in cryptocurrency transactions was Hydra Market, the world’s largest darknet market for drugs, fake documents, databases with data leaks and other illegal goods before its closure. According to the investigation, Legodimov knew perfectly well that criminals were using the exchange for their own purposes, but did not take any measures.

Since May 3, 2018, Bitzlato has processed $4.58 billion worth of crypto-currency transactions, according to U.S. prosecutors. By Wednesday afternoon, Bitzlato’s website had been replaced with a notice that he had been arrested by French authorities “as part of a coordinated international law enforcement effort.” Deputy Minister of Finance Wally Adeyemo said at a press conference at the Justice Department that the measures against Bitzlato “expose and stop the activities of Russian cybercriminals and their collaborators.”
Adeyemo told reporters that the Bitzlato crypto exchange was conducting transactions by groups using ransomware linked to Russia. The Ransomware-as-a-Service group was named as an example.
Two-thirds of the main recipients and senders of Bitzlato are associated with the Russian darknet market or fraud. Nearly 50 percent of all known Bitzlato transactions during this time involved illicit funding from Russia or other dangerous sources. Law enforcement officials believe that the illegal activities of Bitzlato accounted for transfers of almost half a billion dollars between 2019 and 2021.

The US authorities have named Binance one of the key counterparties of the Bitzlato exchange that was blocked yesterday. The exchanger is accused of laundering $700 million, while most of the crypto was withdrawn from it to Binance. The second and third places in terms of the number of transferred funds were taken by the Russian Hydra darknet market and wallets financial pyramid Finiko.

“At the same time as the arrest announced today, the French authorities, in cooperation with Europol and partners in Spain, Portugal and Cyprus, have dismantled Bitzlato’s digital infrastructure and taken enforcement action,” — added in the Ministry of Justice.

The popular cryptocurrency exchange Bitzlato has suspended its activities – the service was hacked, but, according to the assurances of the developers, the attackers managed to withdraw only a small amount of funds. The Bitzlato hack was reported in telegram channel early morning on January 18th. The developers urged users of the service not to replenish their balances and announced the suspension of withdrawals. Later, they wrote that user funds are safe and after the vulnerability is fixed, all assets will be returned to the owners.
“The funds are completely safe. The attackers were able to withdraw a small part of the funds, but for all victims, we guarantee a refund! As a security measure, we have disabled the operation of the service, we ask you not to replenish the wallets of our service until the work is restored, ”Bitzlato said in a statement. The developers promised to deal with the problem as soon as possible. It is not yet known exactly how much money the hackers managed to withdraw.

Hydra is a marketplace on the darknet that worked only for Russian-speaking countries. It was considered the largest darknet marketplace: in 2021, it accounted for 80% of all global darknet market revenue, according to Chainalys report data. Access to it through the Tor network opened in 2015.

Hydra was traded in drugs, forged documents, databases with data leaks and other illegal goods. The FSB reports on the liquidation of large drug laboratories repeatedly notedthat their products were sold on Hydra.

United States April 5, 2022 introduced against the site of the sanction. On the same day, the Central Office for Combating Cybercrime and the German Federal Criminal Police Office confiscated Hydra servers and confiscated bitcoins worth the equivalent of €23 million. Since then, the site has not been operating.

Hacker and crypto trader Pyotr Levashov, also known as Peter Severa, told Izvestia on January 19 that the main clients of the Bitzlato crypto exchange, one of whose leaders was detained in the United States, were drug addicts.
“They were charged with laundering $700 million in criminal money. Since the investigation cannot separate criminal money from non-criminal money, I believe that this is the entire amount that passed through the wallets that were clearly tied to this exchange. Moreover, the calculation is most likely made at the current exchange rate, ”said the hacker. According to him, due to the fact that the exchange used various cryptocurrencies, the investigation would not calculate every transaction. In this regard, Levashov suggested that the entire amount of funds that passed through the exchange was taken.
“To claim that all 100% were criminal, I would be afraid in court,” said Levashov.
As the hacker noted, Bitzlato was a rather small exchanger, if only $700 million passed through it in five years. Levashov believes that drug addicts were the main clients of this exchange. Because Bitzlato provided anonymity. The exchange did not require registration with ID cards and photos.
In this regard, the investigation claims that the arrested head of the exchange, Anatoly Legkodymov, knew that Bitzlato’s clients were drug addicts. Otherwise, the exchange would have established user identification, Levashov emphasized. He believes that in this situation, it is unlikely that it will be possible to fight off the accusations.