The Dark Web has become darker and busier, cybercrime services cost less than $500

zakislam

Posts: 52   +1
Why it matters: The dark web is still alive and kicking, and it's become more dangerous than ever. New research highlights how the value of stolen data and general cybercriminal behavior has evolved over the past six years.

Cloud security firm, Bitglass, recreated a data tracking experiment from 2015 by inventing a fictional identity selling login and password data. Researchers then posted the information in several dark web marketplaces, enticing users by offering access to fake files that would allow access to organizations in retail, government, gaming, and media sectors.

Watermarking technology inserted into the files allowed Bitglass to trace data from the users who accessed it and thus gather current trends on the dark web. The findings were interesting. Overall, stolen data spreads 11 times faster on the dark web today compared to six years ago.

Breach data received over 13,200 views in 2021, a dramatic increase from 1,100 views in 2015. The surge represents a growth of 1,100 percent, clearly demonstrating how the underground platform has become an even more popular destination for cybercriminals.

The time it took to reach 1,100 link views in 2015 was 12 days. In 2021, the targets were markedly faster in accessing the sham data as it took them less than 24 hours to view the links.

Locations from where the downloads of the stolen data occurred revealed the United States as the second-most frequent region from where cybercriminals originate. The top three included Kenya, America, and Romania.

The research also found that targets showed a keen interest in retail and U.S. government networks data. These two categories received the most clicks—37% and 32%, respectively. That's not a surprising revelation as the potential ransoms can yield enormous profits for those fields.

Retail networks are naturally a top priority for attackers as they can distribute ransomware and extract payouts from large businesses. Likewise, U.S. government data is equally valuable since hackers—state-sponsored or individuals—can then sell this information to other nations.

In addition, activity within the dark web has become busier. According to the study, the total number of anonymous viewers on the Dark Web in 2021 reached 93 percent, a notable rise from 2015 when it was 67 percent.

Cybercriminals have largely evaded laws that prosecute cybercrime as they've become more effective in covering their tracks, Bitglass stressed.

Cybersecurity efforts from businesses and organizations have not adequately been able to prevent attacks. Furthermore, because of the increased attention from law enforcement to track down malicious actors, the firm expects them to continue to utilize anonymous VPNs and proxies to evade authorities.

"In comparing the results of this latest experiment to that of 2015, it is clear that data on the Dark Web is spreading farther, faster," said Mike Schuricht, head of the Bitglass Threat Research Group. "We expect that the increasing volume of data breaches as well as more avenues for cybercriminals to monetize exfiltrated data has led to this increased interest and activity surrounding stolen data on the Dark Web."

According to data posted by Microsoft, Dark Web denizens can acquire most cybercrime services for less than $500. Atlas VPN discovered that underground marketplaces offer a single ransomware kit for as low as $66, while hackers only charge about $311 to deliver a sustained DDoS attack against a target for as long as a month.

Data breaches are commonplace nowadays, so it's not surprising that stolen usernames and passwords are offered for as little as 97 cents per 1,000 accounts. Additionally, hackers perform custom jobs such as credit card scams or identity theft for as little as $250.

Image credit: Freepik

Permalink to story.

 

Uncle Al

Posts: 8,362   +7,166
Once again, the internet was invented so why can't it be re-invented with the necessary tools to stop these crimes? We can figure out how to do it so why can't it be reverse engineered? Certainly looks like MicroSludge, Fakebook, and all the other "big boy's" prefer to have these issues in place for their own benefit.
 
Its not that easy. its complex.. there are also many legitimate uses for the dark web.
A simpler solution would be engendering a surfeit of compassion in humanity.
both solutions are
virtually impossible.
but given this choice, I would go with the latter as being more plausible, however unrealistic. perhaps these binary choice procedures are unhelpful, and a more nuanced solution is needed?



 

maxxcool7421

Posts: 67   +94
Once again, the internet was invented so why can't it be re-invented with the necessary tools to stop these crimes? We can figure out how to do it so why can't it be reverse engineered? Certainly looks like MicroSludge, Fakebook, and all the other "big boy's" prefer to have these issues in place for their own benefit.

Most users are stupid. As long as people are stupid.. ''hacks'' will occur. Most ''hacks'' are not hacking.. just sending stupid people badly written fake emails to gather user\pass data or deliver a trojan.

As for the ''dark web'' you cannot get rid of that.. that is what encryption is for .. literally ..

Encryptions has edges on both sides of the blade.
--It tries to keep your credit card from being ''seen'' in web traffic via SSL\TLS etc
--it also hides the nefarious users and thier services.

you **cannot** have one without the other.
 

Vanderlinde

Posts: 68   +57
Most users are stupid. As long as people are stupid.. ''hacks'' will occur. Most ''hacks'' are not hacking.. just sending stupid people badly written fake emails to gather user\pass data or deliver a trojan.

As for the ''dark web'' you cannot get rid of that.. that is what encryption is for .. literally ..

Encryptions has edges on both sides of the blade.
--It tries to keep your credit card from being ''seen'' in web traffic via SSL\TLS etc
--it also hides the nefarious users and thier services.

you **cannot** have one without the other.

And you truely believe the data you transmit over the internet is "safe" ? Think twice. The goverment and spying agency's are all on top of it. I'm not going into detail here but I have my sources and Snowden was'nt that far off about the "superstate" monitoring.

Apart from that, I had a past in cracking websites and in particular adult ones. Where you'd normally had to pay 49$ for a subscription I simply injected my own usernames and passes due to a improper configured webserver. Nobody would technically notice that you have users in a protected area surfing and not having to pay for it.

The lists of passwords and email (combinations) that where around where worth gold. The stronger these lists the better it was and guaranteed not just access to such websites but also badly protected email accounts. I mean there was'nt such a thing as 2FA back in the days. Email providers never got suspicious if a user from USA suddenly logged in from Europe or some stuff.

You have alot of skilled (and real) hackers from usually eastern europe, but also crackers. The difference is that hackers know what they do, write their own stuff and crackers running around with their automated tools to sort of check for vulnerability really.

The competition in that market is getting more fierce, as pricing is dropping down.
 

takemaru

Posts: 22   +2
Once again, the internet was invented so why can't it be re-invented with the necessary tools to stop these crimes? We can figure out how to do it so why can't it be reverse engineered? Certainly looks like MicroSludge, Fakebook, and all the other "big boy's" prefer to have these issues in place for their own benefit.
You would get CableTV 2.0