Darknet: Where Your Stolen Identity Goes to Live

Almost everything is available on the Darknet -- drugs, weapons, and child pornography -- but where it really excels is as an educational channel for beginning identity thieves.

Itay Glick, CEO & Co-founder, Votiro

August 19, 2016

5 Min Read
Dark Reading logo in a gray background | Dark Reading

How much is a human life worth? If you ask folks on the Darknet, the answer could be as little as a nickel—when ordered in bulk, that is. Orders for identities in packages of up to 100 could cost as much as 25¢ apiece. A merchant with a store on AlphaBay Market has been advertising a “USA Personal Info” kit that consists of names, addresses, phone numbers, Social Security numbers, bank account information, and so on, and is “guaranteed fresh!”

The merchant’s 3,800 buyers agree. “Thanks for the $^$#&$ price,” says one satisfied customer, with others calling the data dump “awesome,” “legit information,” and “A+.” To be fair, one customer was not entirely satisfied: “Request more FL listings,” but otherwise, the customer commented, “Everything is perfect.”

If you're in the market for stolen identities, you can find all you want on AlphaBay, one of the premier marketplaces on the Darknet. The market is just a few clicks away—all you need to get there is the Tor browser. In the past, people used Tor mainly to access Internet sites without being monitored by Internet service providers or, worse, by governments. In places like Iran and China, where the government tries to limit Internet access, Tor enables residents to access forbidden sites such as Facebook. But Tor is also used to access Darknet markets, where all manner of illicit goods and services are bought and sold.

After installing Tor, you’ll see that connecting with sellers like Zloy3 in the Darknet is fast, simple, and secure. But secure is the one thing you can't say about identities. They are the gift that keeps on giving. Whereas hacked credit cards tend to be good for a single use at most, because the bank or victim usually catches on fairly quickly, stolen identities can be used multiple times in multiple ways.

In addition, victims may not even learn that their identity has been stolen until major damage has been done to their finances, reputation, and credit rating. The task of notifying the various authorities that one’s identification documents are being used illegally takes additional time and much effort; in the meantime, the criminals are exploiting the victim’s identity in as many ways as possible. A fake application for a credit card doesn't affect the victim, but racking up charges with a credit card number that the victim doesn't even know exists is a different matter altogether, providing a much better return on investment for cybercrooks.

How to be an identity thief
While almost everything is available on the Darknet—drugs, weapons, and child pornography, for example—it excels as an educational channel for beginning identity thieves, offering resources and tools that almost guarantee success. The easiest route for a cybercriminal, of course, is to buy identity information from one of the thousands of peddlers in the Darknet marketplace, but that method requires a measure of trust; you have to have faith that the cybercrook who stole all the data will be honest enough not to cheat you. Understandably, many cybercrooks prefer to do identity “shopping” on their own, gathering information from databases to ensure the authenticity of the product. The Darknet is there to help them.

One of the most common methods of stealing identities begins with spearphishing email messages. Once a hacker has carried out a successful attack, everything within the organization’s network, including identity information, is accessible. For example, some 8 million people had their passport numbers and other valuable information stolen by cybercriminals who managed to penetrate one of Japan's biggest travel agencies, JTB Corp. The breach was apparently initiated when a JTB employee opened an attachment to a spearphishing email message purporting to contain travel information. The attachment was a Microsoft Word document with an embedded zero-day exploit that opened the door to the company’s network and databases.

Hackers who are preparing spearphishing attacks can also find useful ideas in one of the many social-engineering guides that are available on the Darknet and even on Amazon.com, with prices as low as $4 on the Darknet.

The point of stealing all that data, of course, is to make money from it, and the Darknet tells you how to do that. A novice hacker would probably benefit from packages like “Easy Security for Carding, Hacking and General / 25 guides in ONE!!! 3 DAYS FOR FREE” or “Ultimate Fraud Package – 6500 items – 2016 + FREE GIFT!” The latter, says the merchant, is “a super big package containing everything you can think of—eBooks, tutorials, guides about Bitcoin, PayPal, Bank Transfers, Hacker Tutorials, Carding, Fraud, Cashout Tutorials, Anarchist Handbook.” The price of this apparently college-level identity-theft course is a mere $9.99.

According to that merchant, 5,109 copies of the Ultimate Fraud Package have been sold since November 21, 2015, and the merchant's rating page is full of accolades, such as “Very good information and instant delivery,” “Thank you for all the good stuff,” and “Frigging bad English in some of his files but overall good! Thx!”

Once a hacker has learned the tricks of the trade, it's time to expand. Hackers who want to grow their business can use the Services section on AlphaBay and other Darknet markets to find competent personnel. One hacker, for example, offers “quality thefting services, new method to avoid CO.UK police reports with high amounts.”

Unfortunately, there is little individuals can do to protect themselves from identity thieves lurking on the Darknet to do them harm. For organizations, the best strategy is to educate users, consumers and protect personal data with the latest cybersecurity solutions.

Related Content:

 

 

About the Author

Itay Glick

CEO & Co-founder, Votiro

Itay brings to Votiro more than 15 years of executive management experience in cybersecurity at global technology companies based in the U.S., Europe, and Asia. Prior to co-founding Votiro, he played a key role in managing the development of equipment for the lawful interception market on behalf of Verint Systems (NASDAQ: VRNT). Itay launched his career as a software engineer in an elite intelligence unit of the Israel Defense Forces.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights