Dark web case study:
This is more than just a quest of curiosity. Our case study in collaboration with independent third-party researchers’ work may help you stay safer online and off. If we understand what types of data criminals can buy from hackers on the dark web, we will understand what types of threats we can face and what types of data we should be securing. Some basic stats about the market analyzed: Number of listings: >22,000; Number of factual sales: >720,000; Income from factual sales: >17.3 million USD. The analysis includes the types, prices and sources of those items and focuses on items that contain personal data (including financial data, online accounts, documents, and emails).
This is more than just a quest of curiosity. Our case study in collaboration with independent third-party researchers’ work may help you stay safer online and off. If we understand what types of data criminals can buy from hackers on the dark web, we will understand what types of threats we can face and what types of data we should be securing.
Some basic stats about the market analyzed:
Number of listings: >22,000;
Number of factual sales: >720,000;
Income from factual sales: >17.3 million USD.
The analysis includes the types, prices and sources of those items and focuses on items that contain personal data (including financial data, online accounts, documents, and emails).
Before we dive in, a word of caution: Do not attempt this at home under any circumstances. The dark web contains many malicious links and connections to illegal activity. The third-party cybersecurity research experts we worked with took significant precautions while performing this research.
A few things to note while reviewing this data:
In some ways, a dark web market is much like any other. Criminals who buy products on these criminal markets expect to make their money back and then some – the same way a tradesman might buy a tool at a hardware store.
The only problem, of course, is that they make their money by stealing it from innocent people. Therefore, analyzing these markets can give us a general idea of the damage that criminals can do with this stolen data in their hands.
Click on the graph on the right to see what categories and items were the most common.
The most commonly found item in the market was payment card data. That is not surprising as the previous NordVPN research showed that it can take as little as 6 seconds to brute-force (guess a number) a payment card:
The most expensive accounts were Binance (395 USD avg.), Kraken (384 USD avg.), and Crypto.com (350 USD avg.). Some were even more expensive than fiat bank accounts.
Copies of passports were the most expensive item at about 600 USD avg. However, prices varied greatly between countries, with Argentinian passports being the cheapest (9 USD) and Czech, Slovakian and Lithuanian passports tied for most expensive (3,800 USD).
Batches of email addresses are used to launch broad scams and hacks. The EU had the most expensive personal (11.4 USD avg.) and business (199.99 USD avg.) addresses, but interestingly enough, US voter emails were far more expensive (99 USD avg.) than voter emails from any other country.
Payment card data or mobile phone numbers cost around 10 USD. Another easy way for hackers to steal a user’s data or digital asset is credential stuffing. That is why online accounts come at a low price as well: a hacked Netflix account can be bought for 10 USD, an Uber account for 12 USD.
Experienced hackers know how to cover their tracks, so it’s nearly impossible to determine where many of these hackers operate from. However, we can tell where they “set up shop”. The locations where they declare their markets can tell us about where the demand for their products lies or where they have an easier time running their businesses.
For all of the fearsome terminology and criminal intent, these dark web markets on the face seem much like many other online markets. Here's an example of how a dark web market may look like:
Unfortunately, the incredibly broad scope of the data offered on these criminal markets makes it difficult to offer specific advice. However, there are some fundamental steps we can take.
Hackers get lots of data by targeting the websites and services you share your data with. You can’t personally secure the servers that store your data, but you can “vote with your wallet/feet.” Make your data security a priority. If a site or a service asks you for sensitive data, ask them tough questions about how they secure it and what they’ll do if they’re breached.
Request weekly bank statements or activate transaction notifications on your app. Turn up the security settings on all of your accounts so you know when login attempts are made from suspicious devices. Make use of any tools offered by the sites or services you use (a password manager NordPass, for example, offers a Data Breach Scanner that will tell you if your password is present in any breaches).
One side of the coin is knowing how to protect your data, and the other is knowing how to react quickly and effectively when your sensitive data is used.
If your password is long, it’ll probably be hard to guess. If it’s unique, then even if one of your accounts is breached, the rest will stay safe. With a collection of strong and unique passwords, you’ll stay more secure longer.
NordVPN began surveying citizens of different countries to learn about people’s digital habits. We’ll continue to update the numbers as more results come in. Here’s what we’ve found out so far.
Our analysis uses data provided by independent researchers to see just how widespread payment card data theft can be. Find out how thieves can get card details without ever even stealing them.
Eighty-seven percent of people surveyed are concerned about how the metaverse could affect their privacy. They think it might be easy for hackers to impersonate others (50%) and users’ identities won’t be legally protected (47%).