A dangerous rise in gun and weapons trading conducted by Russian dark web markets Credit card, bank account, even social mediaӥ almost any credentials can be for sale and often for the right price are.
These stolen digital keys — which can contain an individual’s most sensitive online accounts from their email to their bank account — are the skeleton key for a widening array of cybercriminal activities, including extortion, bank fraud, identity theft and theft of intellectual property with potential for damage that ranges from a stolen identity to life in prison.
By now top cybersecurity companies have repeatedly pointed out the continuing supremacy of platforms such as “Russian Market” in trading stolen access. With many datasets having already been reused, the simplicity of the market and low prices – infostealer logs that can be bought for as little as $2 – keep a highly potent community of cybercriminals engaged.
The primary vector for credential theft continues to be through malware delivered via information-stealing malware attacks, as evidenced by the growing number of new and advanced infostealers created to bypass increasingly complex defenses.
The effect of this increase is potent. Swiped passwords are the first intrusion point for an array of digital harms, from ransomware and financial fraud to corporate espionage.
And more troubling—these hacked accounts are increasingly being used to make purchases of illicit goods, such as weapons, on the dark web. Because compromised machines can be used to obtain sensitive information and open pathways for additional attacks, they can ultimately become a means to purchase and sell illicit goods.
Web cybercrime actors make use of advanced tools to avoid detection, like the use of writable directories, obfuscated file names, and living-off-the-land techniques. The injection of cloud services into the business technology portfolio has exacerbated this, adding cloud-bound account credentials (especially with SaaS and SSO) into the mix.
Security experts have long warned that password managers will be a juicy target for hackers, especially in the foreseeable future as they manage both massive collections of complex passwords. Because digital identities are linked, a single hacked credential can trigger a chain reaction of breaches across various websites and companies.
This increasing threat highlights the need for strong and diverse cybersecurity defenses. Companies are encouraged to establish robust password policies, adopt multi-factor authentication (MFA), perform frequent security check-ups, and train personnel to recognize phishing and social engineering attempts.
Real-time dark web monitoring capabilities are also increasingly important to the market for identification and remediation of stolen credentials, by breaking the illicit supply chain before it can result in a larger-scale attack.
