Solaris, a major darknet marketplace dealing in illegal substances, was recently “hacked” by a smaller competitor, the current Kraken. Officials say they hacked Solaris’ website and database on Jan. 13, 2022.
Now the Solaris site, which is on the Tor networks, is being reconfigured to Kraken. Elliptic’s blockchain monitoring experts have yet to report any changes to the cryptocurrency addresses associated with the site after Jan. 13, 2022.
Solaris marketplaces emerged a few months ago after the liquidation of Hydra Market. The new online store quickly took over 25 markets and earned about $150 million in illicit sales.
A report on the new illicit marketplace earlier this year reported that about 60,000 people registered on Solaris after Hydra’s sudden “demise,” while Kraken absorbed only about 10 of those numbers.
Solaris is a Russian-language platform reportedly affiliated with the Killnet Group, a group of hackers who conducted several DDoS attacks against organizations in the Western world in 2022. Elliptic followed up several donations from Solaris to Killnet with more than $44,000 in bitcoins.
In December 2022, cyber intelligence agent Alex Holden claimed he hacked Solaris’ website, stole $25,000, which he then donated to a charity. While Solaris disputed the “”hacking”” claims, citing a lack of evidence, Holden, by publishing more details, leaked the code and database that allegedly pertained to the marketplace.
On Friday (January 13), 2023, the hack was repeated, but on a larger scale. The aforementioned Kraken organization announced a takeover of the Solaris infrastructure, GitLab and all of the project’s source code because of “several huge bugs in the code.”
Kraken said in a statement that it took them three days to extract the public passwords and keys stored on the Solaris server to gain access to the Solaris infrastructure, which is on Finland and download all the data. Finally, the criminals claimed the Solaris bitcoin shutdown is aligned with Elliptic’s blockchain surveillance.
Representatives from Kraken have taken a stoic approach to protecting Solaris: “The project has a lot of big bugs in the code that have not yet been fixed. And storing passwords and keys from servers openly unencrypted is an even bigger bug, a position equal to fifth-grade students.” “This event took us three days without much of a rush, and we uploaded absolutely everything, and no one stopped us,” the Kraken members write.
At this time, Killnet and none of the major Solaris teams have issued statements regarding the status of the platform, or the veracity of Kraken’s claims. However, given the customized redirection of the Kraken site and previous allegations of theft, the information seems fairly credible.