View profile

Gerald Cotten's Crypto Ponzi Scheme & Hydra Goes Offline: What You Need to Know (#92 - 11 April 2022)

The Future of Money with Henri Arslanian
Gerald Cotten's Crypto Ponzi Scheme & Hydra Goes Offline: What You Need to Know (#92 - 11 April 2022)
By Henri Arslanian • Issue #88 • View online
Dear Friends, 
Netflix’s latest true-crime documentary (“Trust No One: The Hunt for the Crypto King”) has become a smash hit since it debuted on the streaming platform last week. 
We also learned that German and American authorities took down the servers responsible for hosting Russia’s Hydra, the biggest darknet marketplace in the world.
How did this investigation unfold? What catalysed the move? And what can we expect moving forward?
Make sure to subscribe (and join the 49,000+ others who have done so) to receive your Future of Money newsletter in your inbox every week! 
If you enjoy this content, you will also love what I post on Twitter (@HenriArslanian) and the library of videos on my YouTube channel.
Here we go!

Powered by Bullish
How to Run a Ponzi Scheme With a Crypto Exchange
Netflix’s latest true-crime documentary has emerged as one of its most popular pieces of content globally since its release last Friday. 
The documentary, titled “Trust No One: The Hunt for the Crypto King,” centers on the curious life of Gerald Cotten, the CEO of crypto exchange QuadrigaCX, who mysteriously died four years ago while on a trip in India.
Founded in 2013, Quadriga was at one point the largest crypto exchange in Canada, servicing 350,000 customers with over a trading billion dollars in assets. 
However, the exchange would collapse soon after the mysterious death of its founder in 2018 and be put under bankruptcy protection after more than 76,000 customers were owed $215 million CAD (US$160 million).
For any normal business, the death of its founder would be sad news but for Quadriga it was fatal as it would turn out that the exchange was a typical Ponzi scheme.
Cotten’s death, and the ensuing efforts to locate the assets, exposed the extent of Quadriga’s problems.
It was widely believed at the time of his death that the inability to access people’s assets was due to lost or inaccessible private keys, but this was not the case; Quadriga would have most likely collapsed even if Cotten had lived, as the exchange was a Ponzi scheme.  
By the time of his death, the platform owed approximately $215 million CAD to clients but had almost no assets to cover their liabilities. 
The Ontario Securities Regulators later released a thorough and excellent report on their findings that describes the criminal behaviour that was taking place at Quadriga.
The report reads like a crime novel, and some highlights include (some copied verbatim from the report): 
  • Shady Founders: Gerald Cotten co-founded Quadriga with Michael Patryn. According to some media reports, they met in 2003 on a website dedicated to Ponzi schemes called TalkGold. Patryn had been convicted in 2005 in the U.S. of conspiracy to transfer identification documents in relation to an online money-laundering service under his prior name, Omar Dhanani.  
  • Lack of Oversight: Cotten had sole control of Quadriga and its hundreds of thousands of clients. He ran the business as he saw fit, with no proper system of internal oversight or controls or proper books and records.  
  • Fake Assets: Cotten traded with Quadriga clients using numerous alias accounts, which he credited with fake crypto assets and fake fiat currency through manual adjustments to Quadriga’s internal ledger. With a few keystrokes, Cotten could make any amount of fake money or crypto assets appear in his alias accounts, and he apparently did so regularly.  
  • Fraudulent Trading: The bulk of the asset shortfall ($115 million CAD) arose from Cotten’s fraudulent trading using alias accounts. Cotten sustained real losses when the price of crypto assets changed, thereby creating a shortfall in assets to satisfy client withdrawals. Cotten covered this shortfall with other clients’ deposits, basically operating a Ponzi scheme.  
  • Use of Client Assets: Cotten regularly moved clients’ crypto assets into accounts he had opened on other crypto asset trading platforms. He lost $28 million CAD trading client assets on such external platforms. 
  • Lack of Books and Records: Quadriga did not maintain adequate books and records regarding its operations. From 2016 onwards, Quadriga had no accounting ledger or other accounting records relating to its financial situation or the assets that they controlled.  
  • Non-segregation of Assets: Quadriga did not maintain boundaries between its own assets and those of its clients, pooling all funds together and using client assets for its own purposes. Cotten used client funds to pay operating expenses; including contractor fees, IT infrastructure fees, and payment processor fees.  
  • No Cold Storage: Clients were told that Quadriga used “the tried and tested method of storing 99% coins in cold storage” and that “clients’ cryptocurrency is held in secure and offline multi-signature wallets.” This was untrue and misleading. Quadriga was primarily using a mix of hot wallets and other crypto asset trading platforms to store client assets, but many of these assets were not being stored at all because Cotten was steadily depleting client assets. 
  • Lack of Compliance: Quadriga transacted millions of dollars of business in cash. One of Quadriga’s major clients was a Canadian Bitcoin ATM company. The president of the company would personally deliver suitcases of cash to Cotten to fund his Quadriga account, sometimes using private jets to meet quickly. Ultimately, Quadriga received over $20 million CAD in cash from this ATM company, which Cotten knew with this origin would not be accepted by any bank in Canada. 
Source: Ontario Securities Commission
Source: Ontario Securities Commission
  • Sending Cash by Mail: Cotton used cash to fund around $14 million CAD of client withdrawal requests by mailing envelopes of cash across the country. 
  • Fake Trading: Quadriga touted its high trading volume on its website, stating that Quadriga was “a true market, with real orders and trades, not an artificial market designed to look appealing”. In 2018, Cotten claimed that neither Quadriga nor any Quadriga affiliate was a counterparty to any trade on the platform. This was, of course, false and Cotten was party to at least 87% of all trades in Bitcoin settled in Canadian dollars on the platform in its first full year (calculated by value), and 35% over the platform’s lifespan. 
  • Misappropriation of Client Assets: Cotten misappropriated millions in client assets to fund his lifestyle. Between May 2016 and January 2018, he transferred approximately $24 million CAD of client funds to himself and his wife. Cotten bought a Tesla, a Lexus, a luxury yacht, a plane, a share in a private jet, and multiple properties. This Vanity Fair article on his mysterious life is worth a read. 
Source: Vanity Fair
Source: Vanity Fair
Given that Cotten quickly became known for living a luxurious, larger-than-life lifestyle, conspiracies have taken root over the years amongst Quadriga’s duped investors and clients alike over whether Cotten really died of Crohn’s disease as it is claimed or if he faked his death. 
Suspicion has long followed Cotten’s widow, Jennifer Roberston.
However, she has continued to insist that she was unaware of her late husband’s schemes and had no idea what Quadriga was doing with its investors’ funds. 
In the years since, Quadriga’s victims have continued to seek justice, demanding answers from Quadriga’s creditors whilst reminding everyone what Cotten did. 
It’s quite frustrating that such a criminal took advantage of thousands of Canadians, investing their hard-earned money into digital assets, to pull off his Ponzi scheme.
The Canadian regulators have made it clear over the years that the misconduct uncovered in relation to Quadriga should not cast a cloud on the entire crypto industry. 
Unfortunately, as for the life and death of Gerald Cotten, bad apples in any industry will always exist, so it’s important to ensure that the crypto ecosystem continues to focus on having adequate regulatory frameworks in place whilst adopting best practices in areas like governance and transparency to minimise the risks of such incidents happening again. 
There is no reason that anything similar should ever happen again. 
Powered by Bullish
Bullish is a powerful new digital asset exchange built for institutions that offers deep liquidity, automated market making, and state-of-the-art security. 
Combining the innovations of DeFi with the regulated environment of traditional finance, Bullish empowers users to trade with certainty across variable market conditions, in an environment backed by multibillion-dollar liquidity contributions from the Bullish Treasury.
Follow @Bullish on Twitter or visit to learn more.
Not investment advice. Digital assets and cryptocurrencies are high-risk products. Consult your professional advisor before dealing in them. Bullish’s services are available in select locations only and not to U.S persons.
Visit for important information and risk warnings.
Authorities Take Down Hydra, the World’s Biggest Darknet Marketplace And Crypto Laundering Platform: What You Need to Know
A major development took place this week, with German federal police, in coordination with several branches of U.S. law enforcement, announcing that they had shut down the server infrastructure for the Russian darknet marketplace Hydra, seizing over $25 million worth of Bitcoin in the process. 
The following banner was posted on the Hydra platform following the operation.
Source: BKA
Source: BKA
As we recently noted in this newsletter, Hydra is the largest darknet marketplace in the world by volume, functioning as a platform for drug trafficking, credit card theft, forgery, and other illicit activities, including crypto money laundering. 
Source: Elliptic
Source: Elliptic
Most impressively, Hydra had an independent drug certification system where quality testing took place, something that previous such marketplaces lacked.
Using its own team of chemists and human test subjects (with medics available in the event of an overdose), each drug offered on the platform was rigorously tested, with the results available for anyone to see online, instilling a level of trust amongst buyers. 
Vendors peddling substandard and fake drugs (trying to substitute oregano for marijuana, for instance) would then be penalized by Hydra’s administrators or kicked off the platform. And hardcore drugs like Fentanyl had apparently been banned from the site. 
Located in Russia, Hydra’s public profile in mainstream crypto news rapidly increased after being highlighted as a key money laundering vehicle by the U.S. Department of Justice following the February arrests of Ilya ‘Dutch’ Liechtenstein and Heather Morgan over their connection with the 2016 hack of crypto exchange Bitfinex. 
Source: Elliptic
Source: Elliptic
Whilst Hydra had become heavily associated with the sale of narcotics, recent reports pointed to the growing risks of crypto laundering on the platform. 
The platform facilitated money laundering via a method known as “Hidden Treasure,” in which vacuum-sealed bags of cash were literally buried underground by a courier and marked with a geo-tagged location in a discrete area accessible only to the customer, who would then dig up the cash.
Hydra also had a very elaborate Uber-like system for distribution. Geolocation would tell customers where the drugs or the package were hidden.
Via an army of young couriers who would stash packages in a variety of GPS-tagged locations before being picked up by customers, Hydra provided an innovative workaround to the sluggish and unreliable Russian postal system and the dangers of openly dealing on the street.
Such dead drops took place anywhere and everywhere from hollowed-out trees and electrical transformer boxes to metro stops and local forests. And this activity took place in virtually every city and town across the country. 
Once a transaction had been completed and the package had been hidden, buyers were sent a detailed list of coordinates, photos, and directions to find their “hidden treasure.”
Source: Vice
Source: Vice
But a lot of crypto crime laundering was taking place on Hydra, as well. 
According to Chainalysis, in 2021, Hydra received more than $1.7 billion worth of cryptocurrency, which accounts for over 75% of all darknet market revenue globally. 
Source: Chainalysis
Source: Chainalysis
Hydra and its vendors offered money laundering services, providing the infrastructure that allowed vendors and criminal actors alike the ability to swap cryptocurrency into Russian rubles. 
Source: Chainalysis
Source: Chainalysis
The removal of one of the largest illicit services on the dark web represents a huge win for both law enforcement and the cryptocurrency industry as a whole.
Following the operation, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Hydra in conjunction with Garantex, a Russian crypto exchange associated with the marketplace. U.S. and German authorities are also working to identify over 100 wallet addresses linked to the Hydra platform. 
Investigators around the world have long been attempting to tamp down on such marketplaces, shuttering hubs like Silk Road and AlphaBay over the past decade. 
With roughly 17 million customer accounts and 19,000 sellers, Hydra had grown into the largest darknet in the world.
Source: Elliptic
Source: Elliptic
Launched in 2015 via the Tor browser, Hydra exploded in volume over the years, with annual transaction volumes ballooning from $9.4 million in 2016 to $1.37 billion by 2020.
Source: Flashpoint; Chainalysis
Source: Flashpoint; Chainalysis
Since mid-2018, Hydra has made global investigations into their murky activities even trickier, mandating that all crypto funds used on the marketplace be withdrawn into Russian fiat currency through several payment services and exchanges operating in the region.
Chainalysis and Flashpoint show that the vast majority of funds exiting the Hydra platform arrive in Russia.
Source: Flashpoint; Chainalysis
Source: Flashpoint; Chainalysis
Garantex, meanwhile, was cited by OFAC as being responsible for facilitating over $100 million in illicit transactions.
As a matter of fact, the exchange was recently highlighted in Chainalysis’ 2022 Crypto Crime Report as one of six crypto service providers operating in the open out of a luxury highrise known as Federation Tower in Moscow’s swanky financial district. 
Source: New York Times
Source: New York Times
According to Chainalysis, Garantex traded over $2.1 billion worth of crypto between 2019 and 2021, with more than $645 million of that total (or 31% of total volumes) coming from risky and illicit sources. Exposure to illicit funds extends to all of the crypto businesses operating in Federation Tower, as well, with the majority of funds arriving via scams, darknets like Hydra, and ransomware. 
Source: Chainalysis
Source: Chainalysis
The timing of the operation was certainly interesting, to say the least. Media reports have long alleged links between Hydra and top levels of the Russian government, making previous investigations into the platform difficult to pull off.
But over six weeks into the war in Ukraine, and with sanctions ramping up in recent days, it is possible that U.S. and German authorities viewed Hydra as a possible outlet for the Russian government to circumvent sanctions. 
Whilst we have mentioned in the past that sanctions evasion via crypto is very difficult, a huge marketplace like Hydra used heavily not only in Russia but in surrounding countries like Belarus, Kazakhstan, and, yes, Ukraine, is still a big win for law enforcement.
But their closure is a big milestone in the fight against crypto crime and demonstrates the benefits of the traceability efforts we are seeing. 
Yet whilst the takedown of Hydra is clearly a victory for law enforcement, as we’ve seen over the past decade, when one darknet marketplace goes offline, another eventually springs up to take its place. 
Definitely a development to follow. 
My Latest Podcast Episode
Why might play-to-earn games like Axie Infinity fail?
What mistakes are crypto firms making when targeting gamers?
I cover it all with Paul Dawalibi, CEO of Holodeck Ventures.
You can listen to/watch the podcast here:
Money Quote of the Week
“Money frees you from doing things you dislike. Since I dislike doing nearly everything, money is handy.“
-Groucho Marx
Enjoyed this content? Make sure to subscribe or share it with a friend! A new Future of Money newsletter will be in your inbox each week!
See you all next week!! 
Henri Arslanian
*Please note that this newsletter reflects Henri’s personal views and not those of any organisation he is involved with. This newsletter is for educational purposes only and none of its content should be construed as investment or financial advice of any kind.
Did you enjoy this issue?
Henri Arslanian

Future of Finance and Money - PwC Global Crypto Leader, Best Selling Author, Keynote Speaker, University Professor, Host of Crypto Capsule™ - Views are my own

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Powered by Revue