Darknet markets make millions in revenue from selling stolen personal data, supply chain study reveals

It’s common to hear reports of major data breaches, but what happens when your personal information is stolen? Our research shows that, like most legal goods, stolen data products pass through a supply chain consisting of manufacturers, wholesalers and consumers. But this supply chain involves the interconnection of multiple criminal organizations operating in illegal underground markets.

The supply chain for stolen data starts with the producer – hackers who exploit vulnerable systems and steal sensitive information such as credit card numbers, bank account information and social security numbers. The stolen data is then advertised by wholesalers and distributors who sell the data. Finally, the data is purchased by consumers who use it to commit various forms of fraud, including fraudulent credit card transactions, identity theft, and phishing attacks.

This trade in stolen data between manufacturers, wholesalers and consumers is facilitated by darknet marketplaces, which are websites that resemble regular e-commerce websites but are only accessible with special browsers or authorization codes.

We found several thousand sellers selling tens of thousands of stolen data on 30 darknet marketplaces. These sellers had more than $140 million in revenue over an eight-month period.

Darknet markets

Just like traditional e-commerce sites, darknet marketplaces provide a platform for sellers to connect with potential buyers to facilitate transactions. Darknet markets, however, are notorious for selling illicit products. Another key difference is that accessing darknet markets requires the use of special software such as Onion Router or TOR, which ensures security and anonymity.

Silk Road, which emerged in 2011, combined TOR and Bitcoin to become the first known darknet market. The market was eventually seized in 2013, and founder Ross Ulbricht was sentenced to two life sentences plus 40 years without the possibility of parole. Ulbricht’s lengthy prison sentence did not seem to have the intended deterrent effect. Multiple markets have emerged to fill the gap, creating a thriving ecosystem that profits from stolen personal data.

The Stolen Data Ecosystem

Recognizing the role of darknet markets in the trade in stolen data, we conducted the largest systematic examination of the stolen data market that we are aware of to better understand the size and scope of this illicit online ecosystem. To do this, we first identified 30 darknet marketplaces that advertise stolen data products.

We then extracted information about stolen data from the market on a weekly basis for eight months, from September 1, 2020 to April 30, 2021. We then used this information to determine the number of sellers selling stolen data, ie. the number of stolen advertised products with data, the number of products sold and the amount of revenue generated.

In total, there were 2,158 sellers who advertised at least one of 96,672 products in 30 markets. Sellers and product listings were not equally distributed across markets. On average, the marketplaces had 109 unique vendor aliases and 3,222 product listings associated with the stolen data. Marketplaces recorded 632,207 sales in these marketplaces, generating $140,337,999 in total revenue. Again, there are wide variations in the markets. On average, the marketplaces had 26,342 sales and generated $5,847,417 in revenue.

After assessing the aggregate characteristics of the ecosystem, we analyzed each of the markets individually. In doing so, we discovered that a handful of markets were responsible for trading the majority of stolen data. The three largest marketplaces – Apollo, WhiteHouse and Agartha – contained 58% of all sellers. The number of ads ranged from 38 to 16,296, and the total number of sales ranged from 0 to 237,512. The market’s total revenue also varied significantly over the 35-week period: it ranged from $0 to $91,582,216 for the top performing market, Agartha.

By comparison, most mid-sized companies operating in the US earn between $10 million and $1 billion annually. Both Agartha and Kartel earned enough revenue in the 35-week period we tracked to characterize them as mid-sized companies, with earnings of $91.6 million and $32.3 million, respectively. Other marketplaces such as Aurora, DeepMart and WhiteHouse were also on track to generate mid-sized company revenue if given a year to break even.

Our research details the thriving underground economy and illegal supply chain that enable darknet markets. As long as data is routinely stolen, there will likely be markets for the stolen information.

These darknet markets are difficult to directly disrupt, but efforts to prevent buyers of stolen data from using them offer some hope. We believe that advances in artificial intelligence can provide law enforcement agencies, financial institutions and others with the information they need to prevent stolen data from being used to commit fraud. This could stop the flow of stolen data through the supply chain and disrupt the shadow economy that profits from your personal data.


Christian Jordan Howell, assistant professor of cybercrime, University of South Florida and David Maimon, professor of criminal justice and criminology, Georgia State University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Source link

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button