Alleged Hansa Market Admins Charged in Connection with Pirated eBook Site


During the investigation in 2017 that led to the seizure of both Alphabay and Hansa Market, German law enforcement arrested two men for operating a pirated eBook shop online. Both men also allegedly operated Hansa Market. Now, two years after the bust, German authorities have charged the alleged operators of LuL.to for their alleged fraud and copyright law violations.

German authorities announced that the public prosecutor’s office had charged two men for computer fraud and copyright violation. A third man allegedly helped conceal payments. The charges were filed in connection with a pirated eBook and audiobook site that sold pirated content for less than a dollar each. The site, LuL.to, had more than 50,000 customers between 2013 and 2017.

LuL.to Seizure Banner

During the investigation into the owners of LuL.to, German law enforcement found roughly 12 million euros worth of cryptocurrency. They seized and later sold the cryptocurrency in 2018.

The Hansa takedown was a result of the alleged LuL.to seizure. German law enforcement arrested the two administrators and placed them in custody. The suspects had no contact with the outside world except for conversations with their attorneys. Immedietly after the arrest, law enforcement in the Netherlands took control of the server hosting Hansa Market and stealthily conducted their operation to identify Hansa vendors and users.

LuL.to Homepage

One of the two main suspects had leaked his IP address. After analyzing the data by the suspect’s Internet provider, more than 17,000 lines of chat communication were seized and evaluated. In it, the perpetrators also revealed their real names. The suspects, aged 30 and 31, were arrested. They handed over the account data and even trained the Dutch investigators.


Below is a copy of the press release from the ZCB (translated from German):

The Cybercrime Bayern central office, set up by the Bamberg Public Prosecutor’s Office, has charged a man from Baden-Württemberg and two men from North Rhine-Westphalia with 35,569 cases of commercial and gang-related computer fraud and aiding and abetting. indictment was brought before the District Court of Munich I.

After several years of investigations by the Central Office Cybercrime Bayern together with the CyberCrimeCompetenceCenter of the Saxony State Criminal Office, the Prosecutor General’s Office in Bamberg already announced at the end of May the alleged operators of the illegal book-sharing platform LuL.to indicted by the Economic Criminal Chamber of the Munich District Court I. The two main defendants from North Rhine-Westphalia are charged with, among other things, 35,569 cases of commercial and gang-related computer fraud and 144,871 cases of the web-based unauthorised exploitation of copyrighted works. The third accusation is said to have helped you in particular by concealing payment flows.

“LuL.to” was a large online portal through which books (e-books), audiobooks, as well as newspapers and magazines (e-paper) can be downloaded as MP3 or PDF files against payment of small amounts without the consent of the authors or authorised persons. were offered. The portal was taken off the web by investigators as early as June 2017.

The offer on the www.LuL.to website included more than 200,000 titles, including about 170,000 German-language e-books and 28,000 audiobooks alone. Nearly 50,000 customers used the portal’s illegal services from 2013 to 2017, acquiring more than 6 million titles. The total illegal offer of copyrighted works on LuL.to amounted to at least 11 terabytes.

The accused, who have not yet come forward with criminal charges, have largely confessed in the investigation. Initially, arrest warrants obtained were therefore suspended in all cases in the meantime against conditions. Further investigations are currently under way against other assistants who are alleged to have participated in the procurement of the copyrighted works. Whether LuL.to’s customers still face criminal consequences is also the subject of further investigations.

The two alleged main perpetrators were found to have large holdings of cryptocurrencies allegedly linked to the profitable operation of LuL.to and other criminal activities during the course of the investigation. These cryptocurrencies were sold in the first half of 2018 on behalf of the central office Cybercrime Bayern. The proceeds of the sale totalled just over EUR 12 million. The extent to which the proceeds of the sale are to be used to satisfy the claims of injured parties, to benefit the public treasury or to be returned to the accused will not be determined in a judgment until the main hearing has been concluded. The emergency sale was intended solely to preserve the value of the assets seized.

An economic criminal chamber of the Munich District Court I will now have to decide on the admission of the indictment.

Since 1 January 2015, the Bamberg Prosecutor’s Office has been in the central office cybercrime Bayern. This central office is responsible for the handling of high-profile investigations in the field of cybercrime throughout Bavaria. It investigates in cooperation with the relevant specialists of the police or the Federal Criminal Police Office and with international partners, e.g. in the case of attacks on important sectors of the economy or in the field of organised cybercrime. Even if there is a high investigative burden in the field of computer and information technology in general crime proceedings, the prosecutors of the central office take action. The cases dealt with are manifold: they range from hacker attacks to cases of prepayment fraud on the Internet, e.g.through professional so-called fake shops, and cases of ransomware up to the trade of weapons, drugs and child pornography in the darknet. Since 1 August 2018, the Central Office Cybercrime Bayern has also been responsible for high-profile cases of economic cybercrime. There are currently 14 prosecutors working at the Cybercrime Bayern central office.

Source: ZCB