The Hacker’s Economy
Written by Joseph Poppy on 01/03/2019
Selling data on the dark web
As any good penetration tester will tell you, compromising a confidential corporate database is a challenging hack more often than not, so why do hackers do it? Well, for the hundreds of millions of records containing personal information. Whilst this information can be used to commit identity theft, those who purloin such data tend to sell it on the dark web instead.
The dark web might sound like something from a cheap fantasy book, but there’s a lot of dodgy activities that goes on there. Personal data lifted from compromised databases (particularly email addresses) can be sold. Personal data is valuable as it can be used by those in the know to commit identity theft. Hotel chain Marriott was hacked in 2018 and 2020 (will they ever learn?), and the vast amount of data stolen, which included passport numbers, will certainly end up for sale on the dark web. A particular note-worthy case was 2020's easyJet hack, where the personal details of over 9,000,000 people fell into hackers’ hands.
In addition to this, email addresses can be sold on to enable fraudsters to commit phishing campaigns, which in turn could lead to identity theft or the spreading of malware for other monetisation streams, such as whaling (we’ll get to that later). That malware in question could be adware, cryptomining software or even our old friend ransomware. Speaking of which...
WannaCry alone is known to have earned hackers at least £108,000 in Bitcoin. This is a tidy sum, but the cost to businesses is of course much higher than this, as they must suffer loss of sales and cost of recovery. £100k is a good haul, so hackers are unlikely to let it go.
The value of cryptocurrencies can fluctuate wildly, and the profitability of mining them is affected considerably by how much it costs to run the mining rig. A single computer won’t help much in the grand scheme of things, so naturally, to make any real money out of mining Monero, people will need a lot of CPU. A lot of CPU will inevitably rack up quite the electricity bill. So, instead of home mining rigs, hackers have worked out that it’s more cost effective to use other people’s CPU to mine for them.
This approach has led to a cryptojacking epidemic. Racks of servers are obviously juicy targets, so businesses have been hit relentlessly by the trend. Monero is different in the sense that the algorithm used to mine it can be injected into the code of a website or browser, meaning that anyone who happens to visit the affected website will unwittingly provide their CPU to a mining pool. The current value (at time of writing) of XMR sits at $64. Obviously, it takes a long time – or a lot of CPU – to generate 1 XMR, but several hacking groups have found ways to earn thousands from these campaigns.
Grab your harpoon
We touched upon phishing earlier. This practise can easily cause a business no end of mischief. A more extreme version is whaling. Like phishing, whaling is the practise of sending an email in order to trick a user into doing something, only it specifically targets those higher up the chain of command. This is an easy way to commit CFO (or CEO) fraud by tricking a user into authorising a payment in response to a false invoice or simply stating that a wire transfer has to occur.
Surprisingly, some of these sextortion campaigns have been said to have earned $50k in the span of a week. Not bad for a simple bit of spam. This just goes to show that an extra bit of information can lend an air of believability to an email. Or some people have guilty consciences. The more data appearing in breaches, the more convincing these emails could become.
ISO 27001 and 9001 certified
Tigerscheme qualified testers
PCI DSS v3.2 Level 1
24/7 on-site Security
Get a quote today
If you’re interested in our services, get a free, no obligation quote today by filling out the form below.