Cybercrime Markets: What’s for sale in the online underworld?

Intel Security has published a study that aims to shed light on the business deals, negotiations and pricing involved in the hidden underworld of the cybercrime economy.

The Hidden Data Economy report (PDF), follows years of close work with law enforcement and ongoing monitoring of online platforms, communities and marketplaces where stolen data is hidden and sold.

The report contains details of what is available on the cyber black market, including PayPal accounts, credit/debit card data and more. Bank log-in details prices vary from $190 (£120) for an account worth $2,200 (£1,500) to $1,200 (£800) for one worth $31,000 (£20,000).

Average estimated price for stolen credit and debit cards ran at between $5 and $30 in the United States; $20 and $35 in the United Kingdom; $20 and $40 in Canada; $21 and $40 in Australia; and $25 and $45 in the European Union.

Prices rise when the offering includes additional information that allows criminals to attempt a more complete range of scams. This additional information can include data such as the bank account ID number, the victim’s date of birth, and information categorised as “Fullzinfo”, including the victim’s billing address, PIN number, social security number, date of birth, the mother’s maiden name, and even the username and password used to access, manage, and alter the cardholder’s account online.

Entire personal identities, including healthcare records, are traded online.

The report also assesses dark market prices for account login credentials to online content services such as online video streaming ($0.55 to $1), premium cable channel streaming services ($7.50), premium comic book services ($0.55), and professional sports streaming ($15). “These relatively low price points suggest that cybercriminals have ramped up automated theft operations to make their cybercrime business models profitable,” Intel Security notes.

Corporate users also at risk

Enterprises are also at risk, with hackers selling the ability to access large corporations, including banks and airlines, and critical infrastructure systems, such as hydroelectric plants.

Underground trading forums operate on reputation and promise to return payment for “faulty goods” like legitimate marketplaces. For example, illegal sellers list adverts in the same way as any legitimate seller would, offering guarantees on stolen credit cards.

Ironically, forums name and shame “bad sellers” who have sold stolen cards that don’t offer up what was promised, Intel Security reports.

“Like any unregulated, efficient economy, the cybercrime ecosystem has quickly evolved to deliver many tools and services to anyone aspiring to criminal behaviour,” said Raj Samani, CTO for Intel Security EMEA. “This ‘cybercrime-as-a-service’ marketplace has been a primary driver for the explosion in the size, frequency, and severity of cyber attacks. The same can be said for the proliferation of business models established to sell stolen data and make cybercrime pay.”

Intel Security Group’s McAfee Labs organisation examined pricing for stolen credit and debit card data, bank account login credentials, stealth bank transfer services, online payment service login credentials, premium content service login credentials, enterprise network login credentials, hospitality loyalty account login credentials and online auction account login credentials.

[tagcloud]