Prices of stolen data on the Dark Web

Share this…

Over the years, the McAfee Labs team has worked with IT security vendors, law enforcement and others to identify and evaluate numerous websites, chat rooms, and other online platforms, communities, and marketplaces where stolen data is bought and sold. Drawing on this experience, its researchers can now provide an overall assessment of the “state of the cybercrime economy” along with illustrations of key types and prices of data.

card number

McAfee Labs examined pricing for stolen credit and debit card data, bank account login credentials, stealth bank transfer services, online payment service login credentials, premium content service login credentials, enterprise network login credentials, hospitality loyalty account login credentials, and online auction account login credentials.

“Like any unregulated, efficient economy, the cybercrime ecosystem has quickly evolved to deliver many tools and services to anyone aspiring to criminal behavior,” said Raj Samani, CTO for Intel Security EMEA. “This ‘cybercrime-as-a-service’ marketplace has been a primary driver for the explosion in the size, frequency and severity of cyber attacks. The same can be said for the proliferation of business models established to sell stolen data and make cybercrime pay.”

Payment cards

Payment card data is perhaps the most well-known data type stolen and sold. McAfee Labs researchers found a value hierarchy in how this stolen data is packaged, priced and sold in the dark market. A basic offering includes a software-generated, valid number that combines a primary account number (PAN), an expiration date and a CVV2 number. Sellers refer to a valid number combination as a “Random.” Valid credit card number generators can be purchased or found for free online.

Prices rise when the offering includes additional information that allows criminals to accomplish more things with the core data. This includes data such as the bank account ID number, the victim’s date of birth, and information categorized as “Fullzinfo,” including the victim’s billing address, PIN number, social security number, date of birth, the mother’s maiden name, and even the username and password used to access, manage and alter the cardholder’s account online.

“A criminal in possession of the digital equivalent of the physical card can make purchases or withdrawals until the victim contacts the card issuer and challenge the charges,” continued Samani. “Provide that criminal with extensive personal information which can be used to ‘verify’ the identity of a card holder, or worse yet allow the thief to access the account and change the information, and the potential for extensive financial harm goes up dramatically for the individual.”

Payment service accounts

The prices for compromised online payment service accounts appear to be dictated solely by account balance. This is likely due to their limited uses and scenarios for exploit. Account login credentials for accounts containing from $400 to $1,000 have been estimated to cost between $20 and $50, while login credentials for accounts containing from $5,000 to $8,000 range from $200 to $300.

online payment

Bank login credentials

Cybercriminals can purchase banking login credentials and services allowing them to stealthily transfer stolen funds across international borders. McAfee Labs found login credentials for a $2,200 balance account selling for $190. Bank login credentials coupled with the ability to stealthily transfer funds to U.S. banks ranged from $500 for a $6,000 account balance, to $1,200 for a $20,000 account balance. United Kingdom transfers ranged from $700 for a $10,000 account balance, to $900 for a $16,000 account balance.

Online premium content services

The report also assesses dark market prices for account login credentials to online content services such as online video streaming($0.55 to $1), premium cable channel streaming services ($7.50), premium comic book services ($0.55), and professional sports streaming ($15). These relatively low price points suggest that cybercriminals have ramped up automated theft operations to make their cybercrime business models profitable.

Loyalty, community accounts

Some online services, such as login credentials to hotel loyalty programs and online auction accounts, would appear to be low value targets, but researchers found that these credentials are also offered for sale on the dark market. Apparently, these allow buyers to conduct online purchases under the guise of their victims. McAfee Labs researchers found a major hotel brand loyalty account with 100,000 points for sale for $20, and an online auction community account with high reputation marks priced at $1,400.

Source:https://www.net-security.org/