Logo

Select Language

English

Down Icon

Select Country

America

Down Icon

Police Seize Dark Web Shop Pygmalion, Access User Data from 7K Orders

Police Seize Dark Web Shop Pygmalion, Access User Data from 7K Orders

German police seized the dark web shop Pygmalion, gaining access to customer data linked to over 7,000 drug orders in a major investigation.

A major dark web drug operation and marketplace operating under the name “Pygmalion” has been disrupted by German law enforcement, with its infrastructure dismantled and several individuals arrested following a months-long investigation.

The Bavarian State Criminal Police Office (BLKA), working with the Central Office for the Prosecution of Cybercrime (ZCB) and backed by the Federal Criminal Police Office (BKA), seized multiple servers and onion domains used by the vendor.

The seized dark web domains now display a takedown notice from authorities, informing visitors that the content has been confiscated. This criminal content has been seized by the Federal Criminal Police Office (BKA) on behalf of the Bavarian Central Office for the Prosecution of Cybercrime (ZCB), the seizure notice states.

Police Seize Dark Web Shop Pygmalion, Access User Data from 7K Orders
Seizure notice displayed on all domains previously used by the Pygmalion shop

According to a press release from the BLKA published on 24 April 2025, investigators found a detailed trove of records, including customer data and order histories dating back to April 2024. Initial forensic analysis revealed that the operators maintained precise logs covering at least 7,250 individual transactions.

The scale of the operation came to light through data collected during prior investigations by the Thuringia State Criminal Police Office. Once connections were established between activity in Bavaria, Thuringia, and North Rhine-Westphalia, authorities were able to map out an internal structure that included packers, shippers, and coordinators.

On February 7, 2025, police arrested four individuals, three men and one woman, aged from 24 to 56. All are suspected of being part of a group responsible for packaging and shipping narcotics to buyers around the globe. The arrests took place in the Eichstätt district and the town of Neuburg an der Donau.

During coordinated raids at five properties, officers seized over 53 kilograms of illicit substances including methamphetamine, heroin, and cocaine. Also recovered were roughly 150,000 tablets regulated under Germany’s Medicines Act.

Many of the drugs were already portioned into thousands of vacuum-sealed bags, ready for distribution. Officials estimate the retail value of the confiscated narcotics to be in the low seven-figure euro range.

Police Seize Dark Web Shop Pygmalion, Access User Data from 7K Orders
Seized drugs (Image credit: © Bavarian State Criminal Police Office

In the aftermath of the takedown, a Pastebin message attributed to the vendor circulated via a redirect from the now-defunct Pygmalion darknet shop. It reads:

“You’ve already heard from the BKA: Our shop has been seized. Normally, this wouldn’t be possible, since we’re behind Tor—but Pygmalion had access to the server. This means it’s safe to assume that customer data is now in the hands of the authorities.

To all who have ordered since approximately April 2024:

  • Clean your house as soon as possible.
  • Keep your feet still.

We don’t plan on stopping, even though this was a huge blow for all of us.”

The message appears to confirm that the operational security of the marketplace was compromised internally, and it suggests that customers may be at risk of identification.

Law enforcement has outlined that online drug purchases, whether on the clear web or via dark web services, are subject to criminal prosecution. Contrary to the beliefs held by many users of such platforms, investigators frequently recover data logs, and the assumption of anonymity often proves false.

Officials emphasised that online traces left by orders can be used to identify buyers long after transactions occur. The scale of the seized data provides further opportunities for ongoing investigations.

The takedown and identification of buyers is similar to the Hansa dark web marketplace shutdown in 2018, when authorities not only dismantled one of the largest known cybercrime markets at the time but also publicly released information on identified, active, and arrested Hansa vendors and buyers.

Additionally, Pygmalion’s takedown came a month after German police seized the popular dark web marketplace Nemesis Market. The platform facilitated the sale of illegal drugs, stolen data, and cybercrime services, including ransomware. The shutdown was announced by German police on 21 March 2025.

Nevertheless, those arrested over their activities on Pygmalion face charges related to organized trafficking of large quantities of controlled substances. Convictions under such offences could carry sentences of five to fifteen years in prison, depending on the severity and level of involvement.

The seized onion addresses include:

http://pygmaliop3prfrktd6a6ezi3oqehu5ysja37vudycvkqngzncnvgw5qd.onion

http://pygmaliooo4dwxt4xdvrglqsgvdjnj3ymjtaffsavnufb6e2vz726wid.onion

HackRead

HackRead

Similar News

All News
Animated ArrowAnimated ArrowAnimated Arrow
Hurdle hints and answers for May 3, 2025
mashable

Hurdle hints and answers for May 3, 2025

How to watch Sabalenka vs. Gauff online for free
mashable

How to watch Sabalenka vs. Gauff online for free

Free Comic Book Day takes place on May 3. Heres how to get free comics during this giveaway.
mashable

Free Comic Book Day takes place on May 3. Heres how to get free comics during this giveaway.

A new low price for a Microsoft Office 2024 Lifetime License
mashable

A new low price for a Microsoft Office 2024 Lifetime License

Essential Guide to Vaccine Requirements in Illinois: What You Need to Know
Small BusinessTrends

Essential Guide to Vaccine Requirements in Illinois: What You Need to Know