Privacy Affairs, a data protection information provider, discovered hundreds of samples of data sold on the dark web for prices ranging from $ 25 to $ 6,000, depending on the sensitivity of the data the “customer” wants to buy.
Threat operators, in addition to hacking tools and malware samples, are selling leaked or stolen personal information on clandestine dark web forums, such as credit card numbers, bank usernames and passwords and social media credentials.
According to a recent Privacy Affairs investigation in several darknet stores, private data related to organizations like NASA, McDonald’s, Visa, MasterCard, Microsoft and Google were found being sold on the dark web. The researchers examined several dark web markets and created a Dark Web Price Index, which brings up a price menu of various stolen information.
Cybercriminals also try to attract customers with “buy one, take one” discounts and promotions for basic user information and financial details. The Privacy Affairs Department of Privacy Affairs found that bank account logins cost an average of $ 40, while credit card details, including associated data, cost $ 14 to $ 30. A full range of documents and details accounts can be obtained for $ 1,000.
“With the massive influx of offers, buyers seem to be gravitating towards bigger and more reliable sites, like the White House, which leads the market for selling leaked or stolen information. The dark web forums are even beginning to parody traditional markets with offers such as, “whoever buys two cloned credit cards, wins one for free!”, The researchers said.
New data added regularly
Privacy Affairs found that there is a lot more sensitive data being sold this year compared to last year. Fake identification, cloned credit cards, hacked encrypted accounts and Uber accounts are the newest sales offers on the dark web this year.
“Hacked encrypted accounts appear to be one of the most valuable items to buy. Due to the exorbitant prices of Biticoin and other cryptocurrencies, hacked accounts can generate large sums of money, protected by relaxed security measures after the initial verification process, “said the researchers.
They also found that operators in the dark net market are not accepting Bitcoin payments and have started demanding payments in Monero, in addition to communicating only using PGP encryption to avoid tracking and detecting law enforcement officers.
| Average product price sold on the dark web |
||
| Category | Product | Average price |
| Credit card details | Mastercard card cloned with PIN | $ 25 |
| American Express card cloned with PIN | $ 35 | |
| Visa card cloned with PIN | $ 25 | |
| Credit card details, account limit up to $ 1,000 | $ 150 | |
| Credit card details, account limit up to $ 5,000 | $ 240 | |
| Credit card details hacked (global) with CVV | $ 35 | |
| Bank account details | Stolen bank account logins, minimum $ 100 in account | $ 40 |
| Stolen bank account logins, minimum $ 2,000 in account | $ 120 | |
| Payment service data | Details of stolen PayPal account, with a minimum of $ 100 | $ 30 |
| Details of stolen PayPal account, with a minimum of $ 1,000 | $ 120 | |
| PayPal transfers from stolen account, from $ 100 to $ 1,000 | $ 50 | |
| PayPal transfers from stolen account, from $ 1,000 to $ 3,000 | $ 340 | |
| PayPal transfers from stolen account, $ 3,000 or more | $ 180 | |
| Social media data | Facebook account hacked | $ 65 |
| Instagram account hacked | $ 45 | |
| Hacked Twitter account | $ 35 | |
| Hacked GMail account | $ 80 | |
| Instagram followers x 1,000 | $ 5 | |
| Spotify followers x 1,000 | $ 2 | |
| LinkedIn company page followers x 1,000 | $ 12 | |
| Pinterest followers x 1,000 | $ 4 | |
| Hacked service data | Uber driver account hacked | $ 14 |
| Uber user account hacked | $ 8 | |
| Netflix account hacked – 1 year subscription | $ 44 | |
| Hacked HBO account | $ 4 | |
| Malware | Premium Malware x 1,000 | $ 5,000 |
| Global low quality malware, low success rate x 1,000 | $ 50 | |
| Global medium quality malware, 70% success rate x 1,000 | $ 80 |
