The Real Deal: Investigating the Dark Web marketplace selling drugs, databases and exploit kits
Operating on the dark web, vendors are able to stay anonymous online.
Where do cybercriminals go to buy illegal drugs, exploit kits or stolen databases on the internet? One place is called The Real Deal.
The website, accessible via Tor and hidden from view for casual internet users, is an underground marketplace that specialises in illicit goods and services. Vendors are able to sell products relatively anonymously – and with over 40,000 registered users – business appears to be good.
First launched in April 2015, the site recently hit the headlines after hosting a spate of high-profile data breaches including Myspace, LinkedIn and Tumblr. Most recently, one vendor listed four separate entries attempting to shift millions of stolen healthcare records.
The marketplace, despite promising to create a cybercrime haven, had a turbulent genesis. In July last year, only a matter of months after launch, three of its four co-founders were caught up in a law enforcement operation dubbed Shrouded Horizon which quickly forced the site offline.
The police operation – which was a coordinated effort featuring agencies in 20 countries – arrested numerous suspected members of an underground malware forum called Darkode. Yet unlike Darkode, where members largely discussed malware and hacking, The Real Deal decided to take things one step further.
When it came back online, in December 2015, the website quickly gained notoriety for its focus on selling zero-day exploits – previously unknown security bugs that can be used to stealthily attack computer systems.
However, it offers more than that, and in recently months has perhaps become more associated – at least from the public perspective - with stolen databases more than any other type of content. Like everything on the website, these can be purchased with the cryptocurrency bitcoin.
Now when you log in, the site features a number of 'shops' including: drugs, databases, counterfeits, exploit codes, fraud, government data, tools, services and weapons. While most list a wide range of products, it should be noted that, at the time of writing, no actual weapons are for sale. Instead the website consists of manuals for guns rather than actual hardware.
Taking drugs as an example, it's a fairly standard dark-web affair, with popular products including cannabis, LSD, Heroin and pharmaceuticals. One listing, for "100% pure and uncut heroin" is being shipped from the Netherlands for 0.988Btc, which is equivalent to roughly £500 at the time of writing. Like an 'eBay for drugs', the vendor, using the name DutchCandy, has a 100% positive rating from previous buyers.
Additionally, the zero-day page currently lists nine security vulnerabilities – with some claiming to impact Microsoft Office, Apple ID passwords and the Telegram mobile application. The latter claims the flaw, being sold for roughly £3,800, can be used to alter messages sent via the service. Another major area is fraud with a multitude of vendors selling WordPress passwords and what purports to be stolen credit card information.
According to Jonathan Sander, a cybersecurity expert with Lieberman Software, the spread of these underground marketplaces is due to "a strange brew of assumed anonymity, misplaced trust, and overconfidence in technology."
He told IBTimes UK: "When someone who has grown up in the internet age pictures buying drugs on a street corner they feel much more exposed than if they are clicking around the dark web.
House of Cards
"They feel as if clicks on a website are somehow much more anonymous than a transaction on a street corner, when the reverse is likely true even on the darkest parts of the web. These people trust their own skills and the skills of those who are selling them things, but both are likely bad choices. Only the most skilled can truly hide themselves anywhere online when the real hunters come looking for them."
And, in many cases, administrators of these websites will eventually get a knock on the door from angry men with guns and badges. From well-known hackers like Jeremy Hammond to dark-web businessmen like Ross Ulbricht, the end of the tunnel often involves metal bars and handcuffs.
"The sellers are often risking everything to make a buck and simply trusting the technology to protect them," Sander added. "It's a house of cards when illegal trade flourishes online, but as long as that house produces profits people stay in it until the last card falls."
© Copyright IBTimes 2024. All rights reserved.