How cybercriminals sell credit card and VPN data on the dark web


Cybersecurity researchers have found VPN credentials to be the most expensive category of stolen data advertised.

Stolen credit card data, VPN access credentials, and other confidential information can be purchased for just $8 in dark corners of the web.

That’s according to researchers at SpiderLabs, the hacking and investigation team at cybersecurity firm Trustwave, who conducted an in-depth study into what cybercriminals charge for data stolen from the dark web.

In a blog post published this week, Trustwave said the team had found a repository of financial and identity records as well as VPN access to organizations being sold illegally online.

This activity impacts those whose data has been compromised. According to an FBI Internet Crime Report, reported incidents of credit card fraud in the United States resulted in nearly $173 million in losses for victims in 2021.

Why sell?

Why are these valuable documents being sold by cybercriminals when they can use the information themselves? The SpiderLabs team believes the answer lies in opportunity and convenience.

“Criminals are choosing to wholesale credit card and driver’s license information instead of cashing in quickly and avoiding the time and hassle of using assets,” the team wrote in the blog. .

“Generally, threat actor activity is divided into business areas, someone digs, attacks, and others sell data or extract user information and use it to get money. If the hacker computer or the group does not know how to use the stolen information, they sell it.

It has also been found that in most cases what is sold on a forum has already been sold or used by a hacker, which means that a buyer does not always get hacked data first hand.

In addition to credit card and bank account details, the stolen data sold on the dark web included social security numbers, driver’s licenses, passports, and accessing organizations through their VPNs.

VPN and bank account access

Data that can lead to bank accounts can cost between $100 and $3,000, SpiderLabs found.

“The higher the amount that can be stolen, the more expensive the purchase. Also, the price correlates with the ease of access to the bank account, as some banks might not be easier for a criminal to deceive,” he said.

VPN access credentials were the most expensive category of data SpiderLabs found sold on the dark web.

“It makes sense considering what a threat actor can do once inside an organization. Everything from stealing money, corporate espionage, stealing IP, Seeding malware and planting ransomware, are all on the table once access is gained.

In one case, the team found an ad asking for $5,000 for access to an unnamed corporate network. Another demanded $2,500 for VPN credentials from a Korean company with an estimated revenue of $7 billion.

“If a company has a strong cybersecurity defense, even that level of access may not be sufficient to cause serious harm,” SpiderLabs said. “The ability to use this access for malicious purposes will be limited in fairly restrictive environments, use network segmentation and check for anomalies.”

10 things you need to know straight to your inbox every weekday. Sign up for the brief dailythe summary of essential science and technology news from Silicon Republic.


About Author

Comments are closed.