Weeks after law enforcement agencies shut down three dark web marketplaces, a dark web surveillance firm warns the months ahead will prove vital in the anti-fraud fight as criminals learn and alter behaviour.
“The playing field changes in a few different ways,” says Ian Gray, director of intelligence of Americas at Flashpoint. “Whenever there’s a large shutdown, there’s usually a period of uncertainty and doubt in the cybercrime community. Criminals are concerned that everyone is law enforcement,” he says.
Earlier this month, the dark web marketplaces, Valhalla – also known as Silkkitie – and Wall Street Market were shut down in a global sting operation featuring French, Dutch, Finnish and German authorities and supported by Europol.
According to the release, Valhalla is one of the oldest marketplaces, operating on the Tor network since 2013, while Wall Street Market was the second largest dark web market allowing the trading of “drugs, stolen data, fake documents and malicious software” for bitcoin or the Monero cryptocurrencies.
While the shutdown should limit access to fraudulent data and malware, new marketplaces will quickly fill the gap and become more resilient, warns Gray.
“New services and platforms come up, and the same doubts are there, but they go away over time,” says Gray, “threat actors will likely continue to look at the takedown notices, the criminal complaint, key indictments, and try and see where the threat actors slipped up and perhaps use that to launch their own new marketplace.”
Gray points out that the administrators of the most recently shutdown sites had cross-contaminated cryptocurrency wallets across different marketplaces, allowing law enforcement to identify their true IP address and servers.
The next year will be testing times from cybercriminals as the dust settles and lesser known markets become familiar and trusted, all the while ensuring their online aliases remain anonymous yet verifiable to fellow criminals looking to trade.
“In some ways, it’s becoming easier [to identify fraudsters],” says Gray. “If a lot of these shutdown marketplaces have unencrypted logs, which a lot maintain, they might be able to track identities and aliases over time.
“People want to verify themselves on these anonymous networks, which they do by having common acquaintances, people vouching for them using similar indicators, and usually a consistent alias,” he says.
Gray believes cybercriminals will migrate towards decentralised and open-sourced technologies to ensure their online aliases remain secure and untraceable, while cryptocurrencies and encrypted forums offer a degree of trust and verifiability.
“If they feel safe when using a technology, be that a decentralised platforms or newer privacy cryptocurrency, that will almost inform where threat actors will move,” says Gray. “Threat actors are thinking about the cheapest and easiest way. If it promises privacy, security and a certain amount of convenience they’ll use it.”
Quantum computing, a technology that banks have recently began to show interest in, is tipped to change the cybersecurity game as it would be able to break current encryption.
Asked if there were a risk cybercriminals would harness quantum technology to satisfy their need for anonymity yet verifiability, Gray says that cybercriminals are “pretty far off” based on how complicated the technology is to understand. Gray does however think that if quantum computing is available on the legitimate market, it could also be used in the dark markets.
“Technology doesn’t evolve piecemeal as a whole but rather there’ll be new products and new competitors in the private sector that will be adopting this technology for their own resources in larger technology companies.
“Those legitimate platforms might also be used for fraud. If it’s easy and scalable and threat actors feel secure, and law enforcement have difficulty breaking it, threat actors will likely use it,” he says.
Whitepapers
Related reading
Payments sector divided over SCA deadline
The European payments industry is at odds over whether the December launch of secure customer authentication (SCA) should be maintained. “Pushing back ... read more
Central banks best suited to issue digital currencies
By Aaran Fronda A recent report by the Official Monetary and Financial Institutions Forum (OMFIF) said that central banks rather than private ... read more
Payments industry must adjust to heightened VAT reporting
New VAT reporting procedures will place an unnecessary burden on the payments sector, says Elie Beyrouthy, board member of the European Payments ... read more
Instant payments: innovations inbound for corporates
In 2020, instant payments look set to continue their current trajectory to become the biggest trend in payments. While these schemes already offer numerous benefits to corporates, leveraging innovations such as APIs and request to pay will go some way to unlocking their full potential, argues Michael Knetsch
