A Quick Tour in the Web Black Market
Black Markets are places on the web where it is possible to acquire or rent “malicious” services and products, these markets are growing fast and are becoming very popular in the criminal underground. Among the most commercialized products offered in the black markets there is user’s personal information, but which its value for cyber criminals.
Once selected the various types of personal information, the application shows potential markets where a data could be sold and related price.
A report published by the RAND corporation titled “Market for Cybercrime Tools and Stolen Data” provided useful information for product and services available in the principal underground markets. This Report was created by researching the markets and interviewing experts in IT security industry and in the following table the principal goods and services exchanged on the black market are listed.
What is important to note is that in recent years the market’s access has grown thanks to the fact that many people, even if they are not technically skilled, can buy services or goods already made to initiate their activities as “lamier”. The report also notes that:
“Markets tend to make activities more efficient, whether such activities are laudable or criminal (or, at least, subterranean). The world of hacking can be seen as a market: Buyers seek the best price; sellers ply their wares or skills to make the most profit. This scenario is subject to typical market forces, with prices rising when demand is high and falling when it is low. Over time, good products squeeze out bad ones, and high-quality brands can command premium prices. Mergers and acquisitions occur, and deals get made between market participants who know and trust each other. ”
In the last 10 years the market has started to be organized and guided by the exchange of products and services between groups and individuals (diagram above).
The RAND report reveals that the money is closer to those who have technical ability, like a zero-day researcher, or malware writers. These individuals write or analyze malicious code sell exploits to trigger newly discovered vulnerabilities in principal software.
The report goes on to explain the various channels through which the products and services are commercialized.
The most important requirement for both buyer and sellers is the anonymity of the channel used for the transaction, for this reason black markets based on anonymizing networks (i.e. Tor, I2P) and using virtual currencies like Bitcoin to anonymize payments.
Some of the most important malicious effects of the black market over the last few years as indicated in the RAND’s report is where data from as many as 40 million credit cards and 70 million user accounts were hijacked, such data appeared within days on black-market sites. Other examples of attacks and their links to underground markets include: recent increases in the use of watering-hole attacks (where users visit popular, legitimate, but compromised websites) when clicked they infect a victim’s computer.
Perhaps the hacker’s market is not “more profitable than the illegal drug trade”, as the RAND report suggests, but it is a big commercial opportunity for a large amount of people. Anyone who has a computer can enter the market and start a business. The channels are pretty much secure and even if you do not look like a new Al Capone, if you want, you could be a “dark trader” of stolen credit card or a good broker of new zero-day vulnerabilities.
Security Affairs: http://bit.ly/1JD1NC4