Underground markets and forums have evolved over a decade as an avenue for selling malware, compromised accounts, and huge databases of valuable information. These marketing places are rich resources for cybercriminals seeking ways to monetize themselves. For example, the coronavirus pandemic has inspired many underground actors to generate revenue by selling fake respirators and fake medicines. The markets are also seeing a significant increase in fraud goods or services that can be used to conduct social engineering scams using the words ‘Coronavirus’ or ‘COVID-19’.

What is at stake?

  • According to Trend Micro, the underground forums are gold mines for cybercriminals, giving them access to a trove of sensitive data such as leaked documents, hacking tools, stolen credit card, and user credentials.
  • Currently, stolen accounts related to banking, social media, streaming services, and music services are the top offering on the dark web.
  • Apart from these, gaming-related content and credit card details are also in demand on the dark web.
  • Access-as-a-service is also gaining popularity among cybercriminals. These kinds of services offer different levels of access to cloud storage services, email accounts, administrative panels, and even networks of companies.

Promoting fake propaganda becomes easy

  • Fake news and cyber propaganda services that can allow large scale social media manipulations are also sold at extremely low prices. 
  • Malicious actors can manipulate a certain message or agenda on social media by adding readily available fake comments, bogus social media likes, and more.

Emerging scenarios

  • With the shut down of many underground marketplaces, particularly in 2019, site administrators are looking for ways to shift to other platforms. 
  • In the past two years, the messaging application Telegram was the main channel for communication between buyers and sellers. However, Discord has become a new platform for dor sellers to communicate.
  • Forums and marketplace administrators have created their own Discord servers and channels to offer the same illegal goods and services for the same prices.  
  • Apart from these, site administrators are adding new security features such as walletless markets, multi signatures on BTC and Monero, and no-Javascript policies to increase the visibility of the dark web forums. 

More daunting situations

With so much happening in underground markets and forums, researchers foresee several new additions that can open new cyber threats worldwide. These include:
  • Deepfake ransomware will be the new weapon for sextortion scams.
  • Proliferation in SIM card hijacking targeting high-level executives
  • Deepfake images and videos that can be used to undermine the reputation of senior executives or high-profile celebrities.

Cyware Publisher