What are the major categories of crime committed on the darkweb? This quick post outlines the categories.
The major categories of crime committed on the dark web by cybercriminals are:
- Selling drugs, weapons, fake documents, other illegal items: The sale of illicit drugs, weapons and fake documents through darknet marketplaces. The sale of these items is facilitated by using Bitcoin and other cryptocurrencies, with packages sent through the postal system or left hidden in locations.
- Human trafficking and the sex trade: Organised crime groups such as the Black Death Group in Eastern Europe operate on the dark web and purportedly sell sex slaves in dark web auctions. In 2017 they abducted a British model lured to Milan from the UK with the promise of a modelling opportunity. She managed to contact the British consulate in Italy, and her abductors were arrested (Murali, 2019).
- Child Sexual Abuse Material (CSAM): CSAM is made and sold on the dark web through trading websites and marketplaces (although many darkweb marketplaces ban CSAM). The darkweb site Child’s Play had over 1 million profiles at its peak before it was shut down in 2016.
- Data dumps and data exfiltration: Stolen personal data can be purchased on marketplaces. This includes credit card information, phone numbers, email addresses, government data, or stolen credentials for services such as Netflix. Exfiltrated data and ransomware groups also post confidential data of organisations that fail to pay ransoms on the dark web.
- Hacking services: Malware-as-a-Service (MaaS), ransomware-as-a-service (RaaS), exploit kits, phishing services (fake websites, bulk email and SMS): Hacking services are offered in online marketplaces, as well as 0-day exploits and exploit kits. RaaS and MaaS are also sold as kits which are then quickly put together by cybercriminals to use in attacks. The ransomware behind the Colonial Pipeline attack was provided by such RaaS providers in Russia known as DarkSide (Osborne, 2021). Complete phishing services are also available that offer fake websites which impersonate real services for capturing credentials as well as bulk email and SMS services which are phishing friendly (Szathmari, 2020).
- *Denial of Service-as-a-service, botnets: Botnets are available for hire on the darkweb for as little as $10 an hour and can be used for large, distributed denial of service attacks on infrastructure (Cimpanu, 2018)
The availability of data dumps, hacking services and DDoS services are particularly detrimental to surface-web services. Breached credentials can be used in credential stuffing attacks against paid internet services such as video and music streaming (Bowen, 2020). Hacking, malware and ransomware mean that service providers and organisations must spend considerable time and money on protecting themselves against attacks, which ultimately leads in increased costs which are passed onto the consumer.