The Dark Web is a small part of the Internet, but it is home to many cybercriminals and threat actors who exchange ideas, tips, tricks and experiences through hidden forums.
Many of these cyber criminals also sell various goods and services; Privacy matters has a new report about the average prices of those services in 2022.
Credit cards and financial services
Credit card information can be purchased in several forms: the usual credit card number, along with name, expiration date, and CVV code. This stolen information is all that cybercriminals need to purchase products or services online from other websites.
The credit card details can be purchased individually or at scale – the more cards you buy, the lower the price. The last two elements used to determine the price of the data are the country of origin of the bank and, if known, the balance of the account.
Valid credit card information with an account balance of up to $5,000 USD sells for an average of $120 on the Dark Web, although a single credit card can sell for as little as $15.
By December 2021, there were approximately 4.5 million stolen credit cards available on the Dark Web, according to the report.
Stolen accounts for financial services are also sold. A stolen PayPal account with a balance of at least $1,000 is worth $20, while 50 hacked PayPal account details with no known balance are sold for an average of $150. Some details are more expensive: a CashApp verified account can be worth up to $800, and a verified Stripe account with a payment gateway can be worth up to $1,000.
Cryptocurrency services are also available. These types of accounts require detailed information when registering, so some fraudsters make a point of creating accounts with fake IDs, driver’s licenses and passports before selling them. Such accounts range in price from $90 for a Blockchain.com account to $320 for an Xcoins exchange platform account.
Personally identifiable information, social media and forged documents
The identity business is very important to cybercriminals. They use fake identities for credit fraud, registering for sensitive financial web services and anything else that requires a real identity.
Forged documents can be sold as a physical item or as a convincing scan. Physical passports are very expensive: a passport from any country in the European Union can be sold for $3,800. Virtual IDs of any kind are much cheaper and sell for around $150.
Social media accounts range in price from $25 for a hacked Twitter account to $45 for a hacked Facebook account.
Malware and DDoS attacks
Malware infections are sold at different prices. Access to 1,000 high-quality infected machines in Europe is worth $1,800, while 1,000 low-quality infections are sold in Europe for $120.
The difference in these prices comes down to what counts as a high-quality malware infection: the infected computer is always connected to the internet with a high transfer rate.
When it comes to distributed denial-of-service attacks, prices vary depending on the target. An unsecured target website can be hit with 10,000 to 50,000 requests per second for as little as $10 or $850 for a full month. A secured website can be hit with 20,000 to 50,000 requests per second, using multiple elite proxies, for a full day for $200.
Initial access data
One of the services that has boomed in the past year has been the online sale of valid access to corporate networks. Initial access brokers have become increasingly visible on the Dark Web, selling their services on many cybercriminal marketplaces.
According to Kaspersky, which recently analyzed nearly 200 posts on the Dark Web selling access to corporate networks, access typically costs between $2,000 and $4,000.
While these amounts may seem modest compared to the tens of millions in profit made by ransomware operators who often purchase such access, they are often considered too expensive by experienced criminals who have the ability to penetrate a corporate environment themselves in a matter of hours or minutes.
The most common types of access sold for those prices on the Dark Web are valid RDP access credentials, which allow an attacker to impersonate an organization’s employee and gain a first foothold in the corporate network (Figure A).
There doesn’t seem to be an upper limit on these prices. According to Kaspersky, access data of a company with $465 million in revenue has been seen for sale for $50,000 (Figure B).
How to protect against identity and data theft
Always keep every system and software up to date and patched. Multi-factor authentication should also be implemented in any system that accepts connections from the Internet, including RDP, FTP, webmail, and web management panels.
Regular awareness campaigns should be conducted for every employee to help them avoid falling for phishing scams, and employees should be taught not to reveal too much about themselves on social networks.
Information such as credit card numbers or IDs should never be stored unencrypted anywhere on the network.
It is also possible to check most cybercriminal forums and Dark Web marketplaces for leaks by searching for brand and company names. Since that activity is very time consuming, some cybersecurity companies offer it as a service.
Disclosure: I work for Trend Micro, but the opinions expressed in this article are my own.