Cybercrime in the Deep Web

Earlier, we published a blog post talking about the recent shut down of the Silk Road marketplace. There, we promised to release a new white paper looking at cybercrime activity on the Deep Web in more detail. This paper can now be found on our site here.

While the Deep Web has often been uniquely associated with The Onion Router (TOR), in this paper we introduce several other networks that guarantee anonymous and untraceable access —  the most renowned darknets (i.e., TOR, I2P, and Freenet) and alternative top-level domains (TLDs), also called “rogue TLDs.” We analyzed how malicious actors use these networks to exchange goods and examined the marketplaces available in the Deep Web, along with the goods offered.

Due to the large variety of goods available in these marketplaces, we focused on those that sparked the most interest from cybercriminals and compared their prices with the same kinds of merchandise found in traditional Internet underground forums, mostly Russian. We also discussed some of the techniques that researchers can use to more proactively monitor these so-called hidden parts of the Internet.

Here are some highlights from the paper in terms of underground pricing:

  • Credit cards can be purchased from US$10 to US$150  in various Deep Web marketplace. While the high-end figure here is comparable to prices in Russian underground forums, the low end is where we see the main difference. On Russian forums credit cards start for as little as US$2.
  • More stolen accounts and account information are sold in Russian underground forums than in TOR sites, although prices are comparable (US$126 for a US$1,000 account in TOR sites, versus US$100 for a US$1,000–2,000 account in underground forums).
  • Rates for counterfeit money depend on the amount purchased and can go from US$0.24 per counterfeit dollar (US$600 to buy 2,500 fake dollars) to half the value of fake money desired.
  • Fake documents can cost from US$200 for a fake U.S. driver’s license to US$5,400 for a fake U.S. passport, not to mention US$10,000 for U.S. citizenship.
  • Goods such as fake documents and counterfeit money seem to be lacking in the underground forum scenario or, at least, were much harder to find compared with the TOR space during our investigation.

The full details of our research can be found in the full paper, titled Deep Web and Cybercrime: It’s Not All About TOR.

Post from: Trendlabs Security Intelligence Blog – by Trend Micro

Cybercrime in the Deep Web

Read more: Cybercrime in the Deep Web

Story added 4. October 2013, content source with full text you can find at link above.