The underground hacking economy seems to be alive and well, say researchers for an IT firm. Joe Stewart, Dell SecureWorks’ Director of Malware Research for the Counter Threat Unit (CTU) and independent researcher David Shear decided to investigate the ‘dark marketplace‘, to find out what is selling and for how much.
Dell SecureWorks’ Counter Threat Unit (CTU) Director of Malware Research Joe Stewart and SecureWorks Network Security Analyst David Shear, who researched the Underground Hacker Markets a year ago, revisited the hacker underground to see if prices for stolen credit cards, fullz (a dossier of an individual’s credentials which can be used to commit identity theft and fraud), bank accounts and hacker services had gone up or down in price.
Stewart and Shear found that the most significant difference between the current hacker underground markets and those of 2013, is that the markets are booming with counterfeit documents to further enable fraud, including new identity kits, passports, utility bills, social security cards and driver’s licenses. Of course, these types of documents are required to commit many kinds of in-person fraud, whether it is buying high-end purchases with duplicated credit or debit cards at a retail outlet; applying for bank loans; committing check fraud; or attempting government fraud.
Other products, which were especially prominent on the underground markets this year, included Hacker Tutorials. Taking a cue from legitimate businesses, the hackers figured out that not only could they make money performing services, but they could make a little extra money teaching others.
Another trend was the number of hackers selling premium credit cards. With so many cyber breaches this year, reportedly involving the compromise of millions of credit and debit cards, it is not surprising to see premium credit cards so abundant in these dark markets.
The last finding of note is the focus by the underground hackers on customer service. Like any market, which is crowded with multiple vendors selling many of the same products and services, reputation of the vendor becomes critical to running a successful business. It looks like more hackers on the underground have realised this and are trying to distinguish themselves by offering prompt customer service and “100 per cent guarantees” on the stolen data they are selling.
There is no shortage of stolen credit cards, personal identities, also known as Fullz, and individual social security numbers for sale. However, the hackers have come to realize that merely having a credit card number and corresponding CVV code (Card Verification Value–the 3 or 4 digit number on one’s credit or debit card) is not always enough to meet the security protocols of some retailers. Hackers are also selling cardholders’ Date of Birth and/or Social Security Number. Having this additional information would allow a hacker to answer additional security questions or produce a fake identification, to go along with a duplicate credit card. VBV (Verified by Visa) data is also being sold. VBV is another password or piece of data assigned to Visa card holders to help defend against online fraud.
Stewart and Shear found that credit cards and personal identities for non-US residents continue to sell for more money than the credit cards and identities for US residents. In summary, for the most part, it does not appear that the types of hacker services and stolen data for sell on the hacker underground have changed dramatically in the past several years. The only noticeable difference is the drop in price for online bank account credentials and the drop in price for Fullz or Personal Credentials.
Visit: http://www.secureworks.com.
