Criminals are reportedly making millions in revenue from the sale of stolen personal data according to a report from the tech-focused magazine Ars Technica that cites several sources.
Hackers typically use dark net marketplaces to find buyers for the data they steal and cover up their identities by using protocols such as The Onion Router, also known as TOR, which is a web browser that conceals the IP address and protects the user from being tracked by third parties.
The content and websites found in the dark web, the universe in which the dark net lives, are concealed from the general public as it is not indexed by search engines. Meanwhile, the dark net specifically is a segment of the internet that requires certain advanced configurations on the user’s end to be accessed.
By using encryption and other sophisticated tools, criminals can hide their personal data successfully to be able to sell things on dark net marketplaces that they would not be otherwise allowed in a traditional e-commerce website such as Amazon (AMZN) or eBay (EBAY).
The research conducted by Ars Technica indicates that some marketplaces were able to bring in revenues in the six-figure range by selling the personal data they had stolen in a period between 1 September 2020 and 30 April 2021.
The examination involved browsing through as many as 30 dark net marketplaces where stolen data was marketed. The data included debit and credit card information, addresses, social security numbers (SSNs), and e-mails.
Top Dark Net Marketplaces are as Big as a Mid-Sized US Business
According to the study, the largest marketplaces were Apollon, WhiteHouse, and Agartha. They were home to the largest number of vendors. Agartha alone was able to produce approximately $91.6 million in revenues during the observed period while another relatively smaller market (by number of vendors) called Cartel brought as much as $31.3 million.
Also read: Top Cybersecurity Stocks to Invest in by Performance
The Ars team compared Agartha and Cartel with a mid-sized US-based company considering that its annual revenues were approximately $136 and $46.5 million. These figures indicate that a thriving market exists beneath the surface of the user-friendly internet that most people are aware of and interact with daily.
According to data from TOR, more than 700,000 .onion web addresses currently exist. They are used by individuals and organizations that prefer not to have their content indexed by search engines like Google and Bing.
Personal data is not the only item that can be sold anonymously via dark nets. Both legal and illegal products and services can be found in TOR-based marketplaces. For example, companies whose products cannot be lawfully commercialized in certain geographies may opt to use dark net marketplaces to serve their customers within those latitudes.
Cryptocurrencies Have Facilitated Dark Net Sales
Cryptocurrencies and their increasing popularity may have facilitated the growth of dark net marketplaces lately as they can be used as mean of payment while maintaining the anonymity of both the buyer and the seller.
One prominent case that demonstrated how dark-net marketplaces and cryptocurrencies were perfect allies was Silk Road. On this illicit website, buyers were able to find virtually anything illegal they would like to purchase going from materials to make bombs to stolen data.
Users were able to settle the transactions made within Silk Road by using Bitcoin (BTC) – back then, a newly created digital asset that could be stored outside the boundaries of the traditional financial system virtually and transferred anonymously. The creator of Silk Road, Ross Ulbricht, was eventually captured by the Federal Bureau of Investigation (FBI) and sentenced to two life sentences without parole benefits.
Some services nowadays keep track of the dark web and inform users if their personal or corporate data has been compromised. Companies such as CrowdStrike, Echosec, and SpyCloud are among the most popular providers.
Even though they may not be 100% effective at this task, their ongoing surveillance can be helpful if a breach is identified timely to prevent fraud and the resulting economic losses.
Other Related Articles: