Darknet Marketplace Drama: Russian Market Solaris Hacked By Kraken

Kraken Taking Over Solaris livedarknet
Rate our article

 Solaris is easily one of the largest darknet markets out there in 2023. The Market snatched between 20-25% of Hydra’s customers after its seizure and thrives in Russian territory. However, Solaris has been hacked for the second time in two months; This time by a darknet rival.

The Culprit: Kraken Darknet Marketplace

It’s fairly clear that Solaris has some coding issues, as Solaris Market was hacked by All Hold Security, LLC, just a few weeks ago. Unfortunately, this hasn’t been their only issue, as it seems there’s been some drama behind the scenes between Solaris and Kraken Marketplace. For the most part, it just seems like everyone wants a greater piece of the pie (if that pie was made from darknet market users in Russia.)

Solaris Home Page
Solaris Home Page

According to the Kraken Admins, there were attacks from Solaris, which forced the Kraken team to retaliate. The Kraken team managed to take full control of Solaris Darknet Market’s backend. This includes market infrastructure, GitLab repository, and project source code. The Kraken admins said it took just 72 hours to find the vulnerability in their code and perform the hostile takeover. 

After taking control, the Darknet Kraken team turned the Solaris homepage link into a redirect to the Kraken Market homepage. The Solaris homepage remains as a Kraken Market directory on January 22nd, 2023.

This remains the same a week later. The popular blockchain analytics and crypto compliance solutions website “Elliptic” researched into the Solaris situation. They found that Kraken has “full control over Solaris” and that ” Solaris’ bitcoin wallets have been deactivated.” Currently, no activity has been tracked for Solaris-affiliated bitcoin addresses since January 13.

Kraken Respond

According to the Kraken team, this was only in retaliation to Solaris attacking them. They want to create a positive atmosphere within the darknet world but still need to protect themselves.

When entering Kraken’s website, users are met with the following message (translated from Russian)

Kraken Statment On Solaris Takeover
Kraken Statment On Solaris Takeover

In response to the Solaris statement, let’s summarize the continuation of the dramatic story – no one betrayed anyone and bought nothing. They just got access to the Solaris Gitlab repository. ( the link is still relevant), the project sources from 01/12/23, and then access to the entire local networks and infrastructure of Hetzner in Finland. The project has several huge bugs in the code, which to this day remain relevant, you can turn over and over again.

Also, storing passwords and keys from your servers in clear text is an even bigger mistake, they’re a bunch of schoolchildren from the 5th grade. This event took us 3 days in a calm mode and we downloaded absolutely EVERYTHING that is supposed to be in such cases ( and no one stopped us ). PS We deliberately disabled the bitcoin server so that no one steals anything, but probably in vain)

Everything that is written above is a response to aggression in our direction in the amount of x10, we warned. The same applies to others.”

Krakon Teams Response

Darknet Market Solaris Faces Its End

Greed is the downfall of any successful operation, and in this case, Solaris felt undefeatable. Russia’s darknet marketplace is the largest in the world. To put that in perspective, Hydra earned atleast $1.3 billion in 2020. As Solaris took about 20-25% of Hydra’s customers, which means they’re looking at about $300-400 million in profit each year. 

Solaris put a target on its back a few months back when it wanted to make sure Solaris vendors did not work with competing markets. Solaris sent a message to its 3840 vendors explaining they would automatically blacklist all those selling on alternative markets including WayAway, Kraken, OMG!OMG! RuTor’s, Etc. 

WayWay and Kraken have been blacklisted by Solaris, and all sellers having accounts there should remove their profiles, otherwise the administrators will apply strict sanctions against them.

Solaris DNM Admin “Juri”
Solaris Rule For Vendors
Solaris Rule For Vendors

To put it simply, Solaris wanted monopoly and refused to play nice. They gave their vendors seven days to abide by the new rules and explained that their teams would manually monitor the situation. 

Top Russian Darknet Markets
Top Russian Darknet Markets

In July, Solaris Darknet Market hijacked onion domains, and among the top 10 darknet markets, Solaris has been the fastest-growing market. It seems their fight for rapid growth is now their greatest failure, as Krakon seems to have put them to an end. 

Will Solaris Return?

At this point, the Solaris team is completely silent, and there hasn’t been any activity since. They’ve gone under two major hacks within a month, which paints a bad picture of their security. 

It is our opinion that even if Solaris makes its way back into the darknet market scene, it’s a market that should be avoided. There’s a good chance that since Hold Security. LLC gained backend access to the market, law enforcement could be monitoring all transactions taking place on the platform. Therefore, it’s wise for those using the darknet to steer clear of Solaris Darknet Market. 

Solaris’ hostile takeover serves as a sign to alternative markets that the Kraken team should be taken care of and that putting a target on your back is not the ideal method for running darknet markets.