
Information is cheap - Years later, dark web still creating issues


Years ago, security researchers knew that the dark web would be a problem for security professionals and the general public. In case you are not familiar with the dark web, it is a part of the Internet that can only be accessed using specialized software that protects the identity of the individual using it and routes packets and data securely, and where website operators remain mostly anonymous. The dark web is used by many parties, including governments, hackers, spies, and ordinary people who are concerned about their privacy.

A recent look at dark web content revealed that 57% of the content was illicit or in some way associated with illegal activities. In many cases this includes the sale of credit cards, guns, stolen subscription information, hacking software, child porn and other material deemed illegal in most countries.

Who Created the Dark Web?

The Dark Web was created by DARPA as a way to communicate and mask your identity and location. This research was useful for spies who could communicate in various ways back to their handlers. Just as quickly as the concept was made available to the public, malicious actors started using it to hide from the authorities. There have been several high-profile attacks on the dark web in which specialized software was created to unmask TOR users. The network has been used by terrorists, government agents, college students, businesses and others to do research or carry out illegal activity without worrying about being identified.

One of the biggest issues with the dark web is that law enforcement, intelligence agencies and others have found ingenious ways in which to unmask users of the network. The network itself has remained relatively secure but the applications that are used to connect to TOR (the dark web) have been continually attacked just like on the regular Internet. The only way to stop this sort of activity is to use proprietary software to communicate on TOR. Several companies have written their very own communications software for just this reason and there are also open source options that have been peer reviewed and are highly secure.

The concept of a fully encrypted P2P network was designed to ensure that national security messages, such as launch orders and emergency communications, had multiple paths to the destination and could be sent in a decentralized and anonymous manner if needed.

The Good of the Dark Web

As with anything, technology has shown that it can be used for good or evil. In the case of the dark web, this is still true. Many countries block their citizens' access to media and information that could impact their citizens. TOR (the dark web) allows individuals to access information in a secure and anonymous manner. A prime example of this is in China, where the Government has blocked mainstream foreign news organizations that are critical of the Chinese Government.

TOR provides these users a method of reading unfiltered news and information from those countries that would otherwise be inaccessible. As you can see, it is useful for citizens to be able to have access to information in an unfettered manner.

Accounts are Cheap

Typically, accounts are selling for around $1.00 each. While most of these accounts are credit card or PayPal accounts, we have also seen some instances where accounts are selling for as little as a few cents each. Servers that have been compromised are currently selling for between $10 and $30 depending on who owns the servers, and bank accounts average around $20 per account.

Suntrust appears to be a common theme in many of these bank accounts so we suspect that Suntrust may be specifically targeted in the US market.

In this case a compromised host is shown with PayPal, Amazon, Wells Fargo, eBay and, again a common theme, a Suntrust bank account. Nearly all of the current ones we have observed included Suntrust, which leads us to believe that it's more than just a coincidence.

As you can see, these IDs are for sale very cheaply. They include everything needed to steal someone's identity.

The threat actors have learned to stop putting the person's full name in their posts to prevent credit card companies and banks from flagging or alerting. This makes the account more valuable because chances are it will still be active when purchased by a malicious actor.

Preventing Identity Theft Tips

Here are a few tips to help prevent identity theft. [1]

  • Don't carry your social security number in your wallet or write it on checks

  • Do not respond to unsolicited requests for information

  • Ensure your computers are patched and running anti-virus programs

  • Freezing your credit report may help

  • Collect mail promptly; do not let mail accumulate in your mailbox

  • Pay attention to your billing cycles and contact the sender if you receive a call from a fake "bill collector"

  • Enable two factor authentication on all of your accounts

  • Update firewall settings and make sure your network and computer are patched

  • Shred receipts, bills and financial documents before discarding

  • Use a VPN when you absolutely have to use public Wi-Fi

  • Review credit card and bank statements carefully every month

  • Shred credit card offers if you do not respond to them yourself

  • Use complex passwords to prevent brute force of your accounts

  • Review your credit report at least annually

These are just some of the tips we recommend to make sure you stay safe in today's online digital world.

References:

[1] - Preventing Identity Theft - USA.GOV - https://www.usa.gov/identity-theft
