A Quick Tour in the Web Black Market

Uploaded on 2015-06-24 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Law

rand-cyber-black-market.jpg

Black Markets are places on the web where it is possible to acquire or rent “malicious” services and products, these markets are growing fast and are becoming very popular in the criminal underground. Among the most commercialized products offered in the black markets there is user’s personal information, but which its value for cyber criminals.
 
Once selected the various types of personal information, the application shows potential markets where a data could be sold and related price.

A report published by the RAND corporation titled “Market for Cybercrime Tools and Stolen Data” provided useful information for product and services available in the principal underground markets. This Report was created by researching the markets and interviewing experts in IT security industry and in the following table the principal goods and services exchanged on the black market are listed.

What is important to note is that in recent years the market’s access has grown thanks to the fact that many people, even if they are not technically skilled, can buy services or goods already made to initiate their activities as “lamier”. The report also notes that:
“Markets tend to make activities more efficient, whether such activities are laudable or criminal  (or, at least, subterranean). The world of hacking can be seen as a market: Buyers seek the best price; sellers ply their wares or skills to make the most profit. This scenario is subject to typical market forces, with prices rising when demand is high and falling when it is low. Over time, good products squeeze out bad ones, and high-quality brands can command premium prices. Mergers and acquisitions occur, and deals get made between market participants who know and trust each other. ”

In the last 10 years the market has started to be organized and guided by the exchange of products and services between groups and individuals (diagram above).

The RAND report reveals that the money is closer to those who have technical ability, like a zero-day researcher, or malware writers. These individuals write or analyze malicious code sell exploits to trigger newly discovered vulnerabilities in principal software.
The report goes on to explain the various channels through which the products and services are commercialized.

The most important requirement for both buyer and sellers is the anonymity of the channel used for the transaction, for this reason black markets based on anonymizing networks (i.e. Tor, I2P) and using virtual currencies like Bitcoin to anonymize payments.

Some of the most important malicious effects of the black market over the last few years as indicated in the RAND’s report is where data from as many as 40 million credit cards and 70 million user accounts were hijacked, such data appeared within days on black-market sites. Other examples of attacks and their links to underground markets include: recent increases in the use of watering-hole attacks (where users visit popular, legitimate, but compromised websites) when clicked they infect a victim’s computer. 

Perhaps the hacker’s market is not “more profitable than the illegal drug trade”, as the RAND report suggests, but it is a big commercial opportunity for a large amount of people.  Anyone who has a computer can enter the market and start a business. The channels are pretty much secure and even if you do not look like a new Al Capone, if you want, you could be a “dark trader” of stolen credit card or a good broker of new zero-day vulnerabilities.
Security Affairs: http://bit.ly/1JD1NC4

« WhiteHat Security: Majority of Websites Are Vulnerable to Data Thieves
US spied on French presidents »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Lima Networks

Lima Networks

LIMA design and deliver IT Infrastructure solutions and services including managed Security Monitoring services.

TestFort

TestFort

TestFort QA Lab is a specialized software testing company offering independent quality assurance and software testing services.

SCIPP International

SCIPP International

SCIPP’s courses are based on internationally recognized best business practices for security awareness, for both technical and non-technical staff and to comply with regulatory mandates.

Kivu Consulting

Kivu Consulting

Kivu Consulting combines technical and legal expertise to deliver data breach response, investigative, discovery and forensic solutions worldwide.

Cyjax

Cyjax

Cyjax monitors the Internet to identify the digital risks to your organisation, including cyber threats, reputational risks and the Darknet.

NinjaJobs

NinjaJobs

NinjaJobs is a community-run job platform developed by information security professionals. We focusing strictly on cybersecurity positions.

ACROS Security

ACROS Security

ACROS Security is a leading provider of security research, real penetration testing and code review for customers with the highest security requirements.

Sequretek

Sequretek

Sequretek was formed with the aim to “Simplify Security”. We envision a future where enterprise networks are streamlined, secure and simple.

SecureWorx

SecureWorx

SecureWorx are a secure multi-cloud MSP, a provider of advanced IT security services and an independent cyber security advisory.

Epiphany Systems

Epiphany Systems

Epiphany enhances your defensive security controls by providing you with an offensive perspective. We expose the most likely attack paths to your most critical IT assets and users.

N-able

N-able

N-Able deliver simple and sophisticated monitoring, security, and business solutions that empower you to solve your toughest IT challenges.

Coviant Software

Coviant Software

Coviant Software delivers secure managed file transfer (MFT) software that integrates smoothly and easily with business processes.

Emtec

Emtec

Emtec’s cyber security team provides advisory, assessment, & managed security services that help you build the cyber security policies, toolsets & best practices to elevate your cyber security posture

Maltego Technologies

Maltego Technologies

Maltego is a comprehensive tool for graphical link analyses that offers real-time data mining and information gathering. Applications include cybersecurity threat intelligence and incident response.

Casepoint

Casepoint

Casepoint is the legal technology platform of choice for corporations, government agencies, and law firms to meet their complex eDiscovery, investigations, and compliance needs.

Emergence Insurance

Emergence Insurance

Emergence is an insurance underwriting agency, focused on providing insurance solutions to help protect businesses and families against their cyber risks.