Kount LogoBLog Against FraudKount Logo

Dark Web Marketplaces: Part 3 of 3

posted on: Thu Jan 11 2018

This is the third and final part of a three-part series. Click these links to read part one and part two.

NEWS FLASH – In early December, Dark Web researchers announced the discovery of the largest single database of stolen credentials from Internet data breaches. It comprises more than 1.4 billion pairings of user names, passwords and much more.

According to a December 5, 2017 article in SecurityWeek.com, these hot credentials are not from a new breach. The information has been compiled from many prior breaches. However, it’s now aggregated and organized in an interactive database structure that permits superfast (one second response) searches as well as the easy uploading of records from new breaches. 

Tor, a free, open source, security-focused web browser, remains the primary gateway to the Dark Web and is used by millions every day around the world. Once inside the realm of the Dark Web, fraudsters are presented with an amazing assortment of tools and training available to enable credit card fraud, account and identity takeovers, GPS spoofing and many other scam resources.

The three-part recipe for Internet fraud is simply: Data + Tools + Opportunity. The Dark Web offers all three in abundance. With stolen login credentials, credit card numbers and even entire virtual identities all available on the Dark Web, this underworld has become a maze of hidden crime bazaars and specialized marketplaces. According to the FBI, there is a wide range of products offered in Dark Web marketplaces, such as:

  • Stolen Credentials/Identities
  • Drugs & Chemicals
  • Digital Products
  • Fraud
  • Counterfeit Items
  • Weapons
  • Software & Malware
  • Guides & Tutorials
  • Jewels & Gold

When it comes to stolen credentials and identities in particular, a laundry list of weaponized data for committing online fraud is available for purchase: 

  • Credit card accounts with associated email, billing addresses, etc.
  • Banking accounts (checking and/or savings) with associated email, billing addresses, etc.
  • Credit card, gaming, streaming video, and other accounts that have been taken over or compromised
  • Compromised mileage account and other loyalty program accounts

In addition, fraudsters can actually find tools and training to help them maximize their criminal behavior:

  • Anti-detect browsers and anti-detect user guides
  • Verification schemes for fraudulent accounts with ebay, PayPal, and others
  • Online courses on how to install credit card skimmers in ATMs, cash out fake credit card dumps, set up Polish banking accounts, and more 

Clearly the Dark Web and its host realm the Deep Web forms a vast, invisible and rapidly expanding universe. As in the early days of earthly global exploration, conjecture, rumors and misinformation bloom and swirl despite the fact that the Deep and Dark Webs have existed for some 40 years now.

In early 2017, TechRepublic posted "Dark Web: The smart person's guide" to shed light on the encrypted, subsurface Internet, emphasizing that the Dark Web is used for “both nefarious and reputable purposes” today. While the Dark Web is used to sell data, drugs, illicit materials and even weapons, it also protects dissidents and journalists, stores useful data and helps law enforcement officials fight terrorism and other crimes.

Some Dark Web markets have survived a number of years, like Dream Market, formed in late 2013 with a recent uptime availability rating over 95%. But others, like onetime Dark Web leaders AlphaBay and Hansa, have either been busted by authorities or shut down by their founders to avoid legal issues. 

A list of all currently known and operating Dark Web markets is at the DNMSuperlist wiki, which includes this disclaimer in all caps: “ANY OF THESE MARKETS COULD BE SCAMS, OR COULD BECOME SCAMS AT ANY TIME.”

Australian lawyer turned journalist Eileen Ormsby has reported on the Dark Web since 2013 when she published her book expose on the Silk Road marketplace. The Silk Road was the first modern Dark Web market, one that was dubbed the “eBay of drugs,” before it was shuttered by an International cybersecurity task force.

Ormsby maintains the website All Things Vice: Your intelligent guide to the seedier side with periodic blog entries. She sees tremendous turbulence in Dark Web marketplaces today due to jostling and scams perpetrated by site operators, as well as increasingly sophisticated disruption by law enforcement efforts. She also blames Dark Web chaos on the high fees and low speeds associated with Bitcoin cryptocurrency transactions widely used in Dark Web transactions.

Today, the Dark Web remains a lawless, wild west frontier. Yet, Dark Web marketplaces represent a fraction of the overall transaction volume of goods and services taking place on the surface web. And while law enforcement efforts have shuttered top Dark Web marketplaces, the medium appears to have self-healing qualities. Spooked hackers withdraw into the inky blackness of cyberspace…only to recompose and reappear in other quarters.

Stay tuned for future revelations on the Dark Web. In the meantime, know that Kount stands on the front lines of fighting fraud and foiling the fraudsters that threaten the entire ecosystem of online commerce.

Download the eBook "Prosecuting the Perps: How to Ruin a Bad Guy's Day" and discover different ways to fight and send a message to online fraudsters.