Darknet markets generate millions in revenue by selling stolen personal data

Darknet markets generate millions in revenue by selling stolen personal data

Hacker in binary code digital background.  Cyber ​​crime and internet privacy hacking.  Network security, cyber attack, computer virus, ransomware and malware concept.  2D artwork.

It’s common to hear news stories about big data breaches, but what happens once your personal data is stolen? Our research shows that, like most legal goods, stolen data products move through a supply chain made up of producers, wholesalers and consumers. But this supply chain involves the interconnection of several criminal organizations operating in illicit underground markets.

The supply chain for stolen data begins with the producers, hackers who exploit vulnerable systems and steal sensitive information such as credit card numbers, bank account information, and social security numbers. Then the stolen data is advertised by wholesalers and distributors who sell the data. Finally, data is purchased by consumers who use it to commit various forms of fraud, including fraudulent credit card transactions, identity theft, and phishing attacks.

The stolen data supply chain, from data theft to fraud.
Enlarge / The stolen data supply chain, from data theft to fraud.

This traffic of stolen data between producers, wholesalers and consumers is made possible by darknet marketplaces, which are websites that look like regular e-commerce websites, but can only be accessed using special browsers or authorization codes.

We found several thousand vendors selling tens of thousands of stolen data products across 30 darknet marketplaces. These vendors made over $140 million in revenue over an eight-month period.

Darknet markets

Much like traditional e-commerce sites, darknet marketplaces provide a platform for sellers to connect with potential buyers to facilitate transactions. Darknet markets, however, are notorious for selling illicit products. Another key distinction is that accessing darknet markets requires the use of special software such as the Onion Router, or TOR, which provides security and anonymity.

Silk Road, which emerged in 2011, combined TOR and bitcoin to become the first known darknet market. The deal was eventually seized in 2013 and founder Ross Ulbricht was sentenced to two life terms plus 40 years without the possibility of parole. Ulbricht’s heavy prison sentence does not seem to have the desired deterrent effect. Multiple markets have emerged to fill the void and in doing so have created a thriving ecosystem profiting from stolen personal data.

Example of stolen data
Enlarge / Example of a stolen data “product” being sold on a darknet market.

Stolen Data Ecosystem

Key statistics for different stolen data markets on the darknet
Market Sellers Advertisement Sales Revenue
Summoned 302 16,296 237,512 $91,582,216.00
amazing 6 43
Apollo 650 9,885 238 $3,703.00
ASEAN/ASAP 59 2,921 0 0
Dawn 71 2,913 128,561 $3,003,846.00
Babylon 14 55
CanadaHQ 125 2,886 4,271 $241,656.00
Cartel 44 487 61,604 $31,280,508.00
Crown 95 2,979 19,149 $1,553,850.00
Zero 56 2,472 123 $20,009.00
Dark 248 8,679 19,783 $571,512.00
Dark0de 52 487
Dark Bay/Lime 101 10,004 72 $60,076.00
black fox 159 2,040 15,929 $74,057.00
Deep-Mart 23 218 37,095 $9,156,025.00
deep sea 141 4,437 11,905 $116,962.00
Elite 52 691 22,079 $147,245.00
Icarus 88 557
Freedom 19 189
Neptune 160 6,507 1,140 $23,696.00
Royal 13 54 0 0
Silk Road* 28 38 490 $15,053.00
Tor2Door 52 1,908 207 $1,796.00
Torrez 85 1,707 5,189 $145,198.00
Versus 99 3,959 6,532 $125,363.00
city ​​of vice 101 1,776 3,150 $57,018.00
White House 306 11,184 56,950 $2,146,730.00
World 24 749 223 $3,280.00
Yakuza 48 411 5 $8,200.00
YellowBrick 39 140
Data source: Christian Jordan Howell

Recognizing the role of darknet markets in stolen data trafficking, we conducted the largest systematic review of stolen data markets we know of to better understand the size and scope of this illicit online ecosystem. To do this, we first identified 30 darknet marketplaces advertising stolen data products.

Next, we extracted information about stolen data products from marketplaces on a weekly basis for eight months, from September 1, 2020 to April 30, 2021. We then used this information to determine the number of vendors selling stolen data products. , the number of stolen data products announced, the number of products sold and the amount of revenue generated.

A total of 2,158 vendors advertised at least one of 96,672 product listings across the 30 markets. Vendors and product listings were not evenly distributed across marketplaces. On average, marketplaces had 109 unique vendor aliases and 3,222 product listings related to stolen data products. Marketplaces recorded 632,207 sales on these marketplaces, which generated $140,337,999 in total revenue. Again, there are strong variations between markets. On average, marketplaces made 26,342 sales and generated $5,847,417 in revenue.

After evaluating the overall characteristics of the ecosystem, we analyzed each of the markets individually. In doing so, we discovered that a handful of marketplaces were responsible for the traffic in most stolen data products. The three largest marketplaces – Apollon, WhiteHouse and Agartha – contained 58% of all vendors. The number of listings ranged from 38 to 16,296, and the total number of sales ranged from 0 to 237,512. $582,216 for the most successful market, Agartha.

For comparison, most midsize companies operating in the United States earn between $10 million and $1 billion a year. Agartha and Cartel generated enough revenue in the 35-week period we tracked to qualify as mid-sized companies, earning $91.6 million and $32.3 million, respectively. Other marketplaces like Aurora, DeepMart, and WhiteHouse were also on track to reach mid-size company revenue if given a full year to earn.

Our research details a thriving underground economy and illicit supply chain enabled by darknet markets. As long as data is regularly stolen, there will likely be marketplaces for stolen information.

These darknet markets are difficult to disrupt directly, but efforts to prevent customers of stolen data from using them offer some hope. We believe that advances in artificial intelligence can provide law enforcement, financial institutions and others with the information needed to prevent stolen data from being used to commit fraud. This could stop the flow of stolen data through the supply chain and disrupt the underground economy that profits from your personal data.

Christian Jordan Howell is an assistant professor of cybercrime at the University of South Florida, and David Maimon is a professor of criminal justice and criminology at Georgia State University.

This article is republished from The Conversation under a Creative Commons license. Read the original article.

#Darknet #markets #generate #millions #revenue #selling #stolen #personal #data

Leave a Comment

Your email address will not be published. Required fields are marked *