Underground hacker markets are booming with counterfeit documents, premiere credit cards, hacker tutorials, and "complete satisfaction guarantees", according to a new report from Dell SecureWorks.
The means to create a false identity are easily purchased through the cracker bazaars. A fake social security card can be obtain for around $200, with supporting documents as additional proof of ID offered for an additional charge.
More ReadingTat bazaar eBay confirms: THOUSANDS of workers will be AXEDInsert 'Skeleton Key', unlock Microsoft Active Directory. Simples – hackersA life of cybercrime, a caipirinha and a tan: Fraudsters love a BrazilianKER-CHING! CryptoWall ransomware scam rakes in $1 MEEELLIONStolen CREDIT CARD details? Nah... crooks desire your PRIVATES
Between December last year and this June, over 1,500 fake driver’s licences were purchased from a criminal network monitored by Dell researchers at a net cost of $232,660.
Dell SecureWorks' Counter Threat Unit (CTU) director of malware research Joe Stewart and SecureWorks network security analyst David Shear completed a similar study of the underground hacker market last year. They revisited the hacker underground to see if prices for stolen credit cards, fullz (a dossier of an individual's credentials which can be used to commit identity theft and fraud), bank accounts, and hacker services had gone up or down in price.
Shear and Stewart looked at dozens of hacker markets before focusing in on four or five of the most popular markets that garner a lot of traffic, because the bazaars have good reputations while offering a wide range of goods and services. Each souk offered good escrow services — so unscrupulous sellers aren't able to run off with punters' cash, because payment is only made when buyers confirm whatever they bought is valid and good.
Shoppers usually have 24 hours to cancel the purchase. These sites are commonly invite-only and international.
"These sites are global, and one really does not know where they are physically being hosted exactly," a spokesperson for Dell SecureWorks explained.
"And although all of the sites are in English, it is quite apparent when communicating with those selling the goods and services, that many of them are foreign, including Russian, Ukranian, Eastern European. English, even in the underground, seems to be the international business language."
The most significant difference between the current hacker underground markets, and those of 2013, is a boom in counterfeit documents to further enable fraud, including new identity kits, passports, utility bills, social security cards and driver licenses. counterfeit documents allow crooks to apply for bank loans, commit cheque fraud or attempt government fraud, among other scams.
In fact, underground hacker markets are taking more or more tricks from legitimate outlets - such as eBay - in order to establish trust amongst the dishonest, who are there to trade stolen credit cards and personal details.
Despite a series of law enforcement takedowns, underground hacker markets continue to flourish. Moreover, those that are left are getting ever more professional, for example by adopting reputation-based systems and even guarantees to would-be credit card fraudsters that they won't be ripped off, as Dell SecureWorks explains:
Some sellers are introducing a 100 per cent Satisfaction Guarantee; should a fake credit card fail to withdraw $200, sellers will replace the card if they can replicate the error message. The sellers provide terms and conditions with each purchase, specifying circumstances where they can replace a rejected card.
Markets are catering to beginners. Tutorials on hacking are becoming common purchases, from a simple tutorial for $1 to a complete hacking kit for $30. These kits act as a beginner’s guide to hacking, explaining how exploits work.
The underground market studied by the security researchers restricts the sale of compromised bank accounts to "verified purchaser with a good track record". A high-value account containing around $75,000 - including verified credentials - is sold at the much lower price of $4,200, Dell SecureWorks reports.
The price for Remote Access Trojans (RATs) is considerably cheaper this year than last. They are currently running from $20 to $50 and the most popular include: darkcomet, blackshades, cybernate, predator pain, and Dark DDoser. Last year, RATs ranged in price from $50 to $250.
The current price for hacking into a website ranges between $100 to $200. Last year, the cost was between $100 to $300. The current price for hiring a hacker to knock a website offline is also slightly reduced from last year's prices. DDoS attacks cost around $60-$90 per day.
Unlike last year, Dell SecureWorks' said they are not seeing a lot of Doxing Services for sale. Doxing is when a hacker is hired to get all the information they can about a target, through social engineering, malware, information on social media, the web or other sources. The few hackers selling Doxing services are charging between $25 to $100. ®