Online markets selling drugs and other illegal substances on the darknet have begun to use custom Android apps. It increases privacy and evades law enforcement. Analysts at Resecurity first observed this trend around the beginning of the third quarter of 2022. They believe this new development responds to last year’s high-profile darknet market crackdowns, most notably that of Hydra Market.

These apps allow clients to place orders, communicate with drug vendors, and provide specific courier instructions for delivery. This extra feature makes it easier for clients to communicate with vendors. Also, it makes it easy for vendors to deliver the drugs more securely.

With the increasing use of custom Android apps, it is becoming more challenging. For law enforcement, it’s tough to track and disrupt these illegal activities. As such, authorities must adapt their techniques to keep pace with these evolving methods.

Drug dealers moving to Android

Hydra, a leader in drug sales, had 19,000 registered sellers and 17 million customers worldwide. However, in April 2022, the German authorities seized its servers, leaving a void in the market. In response, several small players aimed to capitalize on Hydra’s downfall and acquire parts of its abandoned user base. Resecurity reports seven examples of these small players. The list includes Yakudza, TomFord24, 24Deluxe, PNTS32, Flakka24, 24Cana, and MapSTGK. They have released Android app APKs for customers to access their shops and services. These seven players used the same M-Club CMS engine to build their APKs. It indicates they likely used the same developer services. Resecurity warns that “some of these mobile apps have been recently observed by our darknet diaries experts on seized mobile devices by law enforcement – they belong to several suspects involved in drug trafficking and other illegal operations.”

What’s in a report about darknet markets moving to custom android apps

Resecurity explains in the report that mobile apps actively provide the ability to transfer information about successful drug orders. They also actively send geographical coordinates of the “package” left by the couriers for further pick-up. To prevent possible indexing, such information is actively transmitted as an image. Additionally, the notes may contain details about how deep the “package” has been hidden under the ground or any other necessary information to locate it.

As information exchange occurs across multiple applications, it leads to fragmentation. It hinders law enforcement’s ability to effectively track criminal activity and make arrests. Resecurity predicts that in 2023, many new marketplaces will introduce Android apps. It will replace traditional forums and open market platforms that risk privacy. This shift towards utilizing Android apps will streamline the process for law enforcement to monitor and target illegal activity.

New big players

Despite the growing trend of Android apps, the leading drug market platforms have chosen to prioritize their competition for supremacy in the field. This could result in one platform achieving a monopoly similar to Hydra’s. According to Resecurity, the platforms that benefited the most from Hydra’s shutdown are RuTor, WayAway, Legalizer, OMG!, Solaris, and Nemesis. In the past summer, these markets collectively attracted 795,000 new users. However, with no clear market leader. The reputation of all platforms and vendors is uncertain. This is a risky period for those who purchase counterfeit substances, low-quality ingredients, or items different from what they ordered. This could be extremely dangerous.