Law enforcement activity over recent years is eroding trust on the dark web and forcing cyber-criminals to try new tactics, according to new Trend Micro research.
The security vendor’s latest report, Shifts in Underground Markets, charts changes over the past five years, which has seen the takedowns of numerous marketplaces including Evolution, AlphaBay and Hansa.
Trend Micro found widespread concern among cyber-criminals frequenting such sites that police may be monitoring them or the administrators themselves may try an exit scam. Others complained of login problems and frequent DDoS attacks, which may also stem from law enforcement efforts.
In a bid to rebuild trust, a new site dubbed DarkNet Trust was created to verify vendors’ reputations by analyzing their usernames and PGP fingerprints. Other efforts include security measures such as direct (walletless) buyer-to-vendor payments, multi-signatures on BTC and Monero, encrypted messaging, and a ban on JavaScript, according to the report.
In the absence of a stable and secure forum to advertise their wares, some cyber-criminals are taking to gaming comms platform Discord and e-commerce platform Shoppy.gg to buy and sell.
Trend Micro principal security strategist, Bharat Mistry, argued that the firm expects to see new tools and techniques flood dark web sites going forward.
“AI will be at the centre of these efforts. Just as it’s being used by Trend Micro and other companies to root out fraud, sophisticated malware and phishing, it could be deployed in bots designed to predict roll patterns on gambling sites. It could also be used in deepfake services developed to help buyers bypass photo ID systems, or launch sextortion campaigns against individuals,” he explained.
“Some emerging trends are less hi-tech but no less damaging. Access to devices, systems and accounts is so common today that we’re already seeing it spun out in ‘as-a-service’ cybercrime offerings. Prices for access to Fortune 500 companies can hit as much as $10,000.”