It’s common to hear news about major data breaches, but what happens when your personal information is stolen? Our research shows that stolen data products, like most legitimate goods, pass through a supply chain made up of manufacturers, wholesalers and consumers. But this supply chain includes the Merger of several criminal organizations operate on illegal underground marketplaces.
The supply chain of stolen data starts with the producers — hackers who exploit vulnerable systems and steal sensitive information like credit card numbers, bank account information, and social security numbers. Next, the stolen data is promoted by wholesalers and distributors who sell the data. After all, the data is bought by consumers who use it to sign up different forms of fraudincluding fraudulent credit card transactions, identity theft and phishing attacks.
This trade in stolen data between manufacturers, wholesalers, and consumers is made possible by dark web markets, which are websites similar to common e-commerce websites, but which can only be accessed with special browsers or authorization codes.
We found several thousand vendors selling tens of thousands of stolen data products on 30 Darknet markets. These vendors generated more than $140 million in revenue over an eight-month period.
Darknet Markets
Just like traditional e-commerce sites, dark web marketplaces provide a platform for vendors to connect with potential buyers to facilitate transactions. However, dark web markets are notorious for selling illegal products. Another important difference is that accessing dark web markets requires the use of special software, such as: the onion routeror TOR, which offers security and anonymity.
silk road, which emerged in 2011, combined TOR and Bitcoin to become the first known dark web market. The market was finally conquered in 2013, and the founder, Ross Ulbricht was convicted to two life sentences plus 40 years without possibility of parole. Ulbricht’s lengthy prison sentence did not seem to have the intended deterrent effect. Several markets emerged to fill the void, creating a thriving ecosystem that capitalized on stolen personal information.
Stolen data ecosystem
| Key stats from individual dark web marketplaces for stolen data | ||||
|---|---|---|---|---|
| market | Offerer | listings | sale | revenue |
| agartha | 302 | 16,296 | 237,512 | $91,582,216.00 |
| Astonishing | 6 | 43 | – | – |
| apollo | 650 | 9,885 | 238 | $3,703.00 |
| ASEAN/ASAP | 59 | 2,921 | 0 | 0 |
| aurora | 71 | 2,913 | 128,561 | $3,003,846.00 |
| Babylon | 14 | 55 | – | – |
| CanadaHQ | 125 | 2,886 | 4.271 | $241,656.00 |
| cartel | 44 | 487 | 61,604 | $31,280,508.00 |
| corona | 95 | 2,979 | 19.149 | $1,553,850.00 |
| cipher | 56 | 2,472 | 123 | $20,009.00 |
| Dark | 248 | 8,679 | 19,783 | $571,512.00 |
| dark0de | 52 | 487 | – | – |
| DarkBay/Lime | 101 | 10,004 | 72 | $60,076.00 |
| dark fox | 159 | 2,040 | 15,929 | $74,057.00 |
| DeepMart | 23 | 218 | 37,095 | $9,156,025.00 |
| deep sea | 141 | 4,437 | 11,905 | $116,962.00 |
| elite | 52 | 691 | 22,079 | $147,245.00 |
| Icarus | 88 | 557 | – | – |
| freedom | 19 | 189 | – | – |
| Neptune | 160 | 6.507 | 1,140 | $23,696.00 |
| royal | 13 | 54 | 0 | 0 |
| silk road* | 28 | 38 | 490 | $15,053.00 |
| gate2door | 52 | 1,908 | 207 | $1,796.00 |
| torrez | 85 | 1,707 | 5.189 | $145,198.00 |
| Versus | 99 | 3,959 | 6,532 | $125,363.00 |
| ViceCity | 101 | 1,776 | 3,150 | $57,018.00 |
| White House | 306 | 11,184 | 56,950 | $2,146,730.00 |
| World | 24 | 749 | 223 | $3,280.00 |
| yakuza | 48 | 411 | 5 | $8,200.00 |
| Yellow brick | 39 | 140 | – | – |
| Data source: Christian Jordan Howell | ||||
Recognizing the role of dark web markets in the trafficking of stolen data, we conducted the largest systematic survey of stolen data markets known to us to better understand the size and scope of this online illicit ecosystem. To do this, we first identified 30 dark web markets promoting stolen data products.
Next, we extracted information about stolen data products from the markets weekly for eight months, from September 1, 2020 to April 30, 2021. We then used this information to determine the number of vendors selling stolen data products, the number of products stolen data promoted, the number of products sold, and the amount of revenue generated.
In total there were 2,158 providers who advertised at least one of the 96,672 product offers on the 30 marketplaces. Vendors and product listings were not evenly distributed across markets. On average, marketplaces had 109 unique vendor aliases and 3,222 product listings associated with stolen data products. Marketplaces recorded 632,207 sales in these markets generating total sales of $140,337,999. Again, there are big differences between the markets. On average, marketplaces had 26,342 sales and generated $5,847,417 in revenue.
After assessing the aggregate characteristics of the ecosystem, we analyzed each of the markets individually. In doing so, we found that a handful of markets were responsible for trading most of the stolen data products. The three largest markets — Apollon, WhiteHouse, and Agartha — contained 58 percent of all vendors. The number of entries ranged from 38 to 16,296, and the total number of sales ranged from 0 to 237,512. The total earnings of the markets also varied significantly over the 35-week period, ranging from $0 to $91,582,216 for the top performing market, Agartha.
For comparison, most mid-market companies operating in the US make between $10 million and $1 billion annually. Both Agartha and Cartel generated enough revenue to be classified as mid-market companies over the 35-week period we tracked them, earning $91.6 million and $32.3 million, respectively. Other markets like Aurora, DeepMart, and WhiteHouse have also been on track to match mid-market sales if given a full year to earn.
Our research describes a thriving underground economy and illicit supply chain enabled by dark web markets. As long as data is routinely stolen, there are likely to be marketplaces for the stolen information.
These dark web markets are difficult to disrupt directly, but efforts to prevent customers of stolen data from using them offer some hope. We believe advances in artificial intelligence can provide law enforcement, financial institutions and others with the information needed to prevent stolen data from being used for fraud. This could stop the flow of stolen data through the supply chain and disrupt the informal economy that profits from your personal information.
Christian Jordan Howell is Assistant Professor of Cybercrime, University of South Floridaand David Maimon is Professor of Criminal Law and Criminology, Georgia State University.
This article is republished by The conversation under a Creative Commons license. read this original article.
This article was previously published on Source link
