Blog
Pricing of Goods and Services on the Deep & Dark Web
The Deep & Dark Web facilitates an expansive and dynamic underground economy shaped by the diverse skills and motivations of a wide range of adversaries. The forums and marketplaces where illicit goods and services are exchanged have come to play an influential role in today’s cyber and physical threat landscape by providing access to the means to carry out various attacks and schemes.
The Deep & Dark Web facilitates an expansive and dynamic underground economy shaped by the diverse skills and motivations of a wide range of adversaries. The forums and marketplaces where illicit goods and services are exchanged have come to play an influential role in today’s cyber and physical threat landscape by providing access to the means to carry out various attacks and schemes.
The availability of illicit goods and services on the Deep & Dark Web enables a more efficient and democratized cybercriminal underground where adversaries can pay other actors to fill gaps in their own capabilities. To provide defenders with enhanced context surrounding the current state of the underground economy, Flashpoint analysts gathered observational research to provide pricing examples for the following goods and services:
• Fullz: These complete sets of personally identifiable information (PII), which are typically used to support a wide variety of fraudulent schemes, are abundant and inexpensive for purchase on the Deep & Dark Web.
• Exploit Kits: Often used to deliver payloads containing ransomware, banking Trojans, and other types of malware, exploit kits have become increasingly popular among less-skilled adversaries seeking to infect multiple users with relative ease.
• DDoS-for-Hire: Like exploit kits, the introduction of DDoS-for-hire services to Deep & Dark Web forums has significantly reduced barriers to entry for amateur adversaries keen on waging an attack.
• Remote Desktop Protocol (RDP) Servers: Over the past several years, compromised RDPs have become increasingly popular commodities on the Deep & Dark Web because they can serve as a vector for initial penetration of a targeted network.
• Card Data: Many Deep & Dark Web card shops offer both “cards” and “dumps,” often sourced directly from malware-infected or skimmed point-of-sale (POS) terminals.
• Bank Logs: Access to online bank accounts is typically sold at a price that reflects the bank account’s available balance.
• Passports: Illicit U.S. passports are sold in three formats on Dark Web marketplaces: digital scans, templates, and physical travel documents.
The inner workings of this underground economy continue to shape many of the risks facing organizations today. While the prices of the goods and services exchanged within these forums and marketplaces can be complex, unstable, and laden with unexplained discrepancies, gaining insight into the context surrounding such pricing can and should inform the security and risk strategies of organizations across all sectors.
Download our latest research paper for an in-depth look at how these illicit goods and services are priced on the Deep & Dark Web.