Here's How a Hacker Can Sell 34 Million User Records on the Dark Web

The dark web has an underground marketplace that can be as active as some legitimate consumer-to-consumer e-commerce websites. Just a few days ago, a new infodump was put up for sale on one such dark web forum, offering 34 million user records, allegedly stolen from over a dozen companies.

So how exactly do the bad actors get hold of people's information to later sell it illegally online and make money out of it? There are a number of ways that this can happen.

One of the most lucrative ways hackers steal this kind of information is through data breaches. In a data breach, attackers exploit a vulnerability or security loophole in an online database, whether it belongs to a company or another organization. Once the database has been compromised, it's child's play for the hackers to copy whatever data they find in there - most commonly user information such as names, e-mail addresses, telephone numbers and sometimes even passwords or chunks of credit card payment information and transaction logs.

Another way user data is stolen is through phishing campaigns. These entail sending thousands and thousands of malicious e-mail messages and hoping that the victims will either be intimidated enough by the message or naive enough to click the malicious links contained in the fake e-mail. Phishing mail is usually constructed to mimic legitimate company correspondence, in an attempt to earn the victim's trust and make them click the bad links contained in the message.

There are also so-called smishing campaigns, which use similar malicious links embedded in SMS messages sent to victims' phones. The end goal of a phishing campaign is to fool the user into entering personal information or login credentials into a fake form that simply syphons the entered data to the bad actors.

One more way to steal information is by quietly sneaking malware onto the victim's computer, whether it is a keylogger, a banking Trojan or a scraper. Once the malware is deployed and remains unnoticed on the victim's system, the bad actors running its command and control servers can do almost anything they want, depending on the type of malware installed, and steal a wide range of information from the compromised system.

What do the bad actors do with stolen information?

Infodumps that contain thousands or even millions of customer records are commonly put up for sale on the dark web. This sort of information is valuable to different groups of bad actors who can use it for malicious purposes. From credential stuffing with leaked login details, to purchasing things online using stolen credit card information, to simply syphoning money from breached bank accounts, there are a number of ways bad actors can use this sort of data.

Personally identifiable information such as names, addresses and e-mails is also worth money when sold to the parties that need it. This information can later be abused for blackmail and extortion, as well as various other scams and frauds that can be organized in a very believable way, once the bad actors have sufficient stolen information.

This is why you should be continuously working on improving your personal digital security and minimizing your digital footprint as much as you can. Strong passwords, careful handling of e-mails and providing the minimum required information when you need a new account with a new service are good ways to make sure you are as safe as possible. Of course, keeping a fully-featured anti-malware application installed on your devices is also a huge help in staying safe.

November 5, 2020
