Investigation reveals growth of online black market

The online trade in credit card details, email addresses and tools used in cyber attacks is growing, an
Independent investigation has revealed.

Hackers and scammers are taking advantage of the ease with which they can set up online to make a "comfortable living" dealing on the black market. And some can make nearly £45,000 in a day selling devices used to take down and break into websites, claimed one seller.

"I personally wouldn't call [the trade] 'underground' as underground is defined as secretive. Buying credit cards now is like going up to your local gas station and buying a soda," said the merchant, who was speaking on condition of anonymity.

Experts say that those involved even operate under minimal cover, selling credit card details, names, addresses and passwords. "It's all for sale online, if you know where to look," said Brian Krebs, one of the leaders in research into the online black market.

The former Washington Post reporter, who now runs his own internet security blog, added: "I can point to 22 different sites that are selling stolen credit card data right now, and those are just the sites that I know of. There are plenty of places where you can buy that kind of thing."

He put the industry's growth down, at least in part, to an increase in the availability of what he called "crook-to-crook services"; people with technical expertise being paid to help those without it.

"That would cover services offered by those in the community to those who want to be," he said, adding: "For a small amount of money, you can set yourself up in business, selling stolen personal data. It is almost as easy for people to get started stealing credit card and identity info as it is for them to just go buy it online.

Although accurate figures do not exist, it is though that there is a greater number of people involved in the underground trade, both from the buyer's and seller's point of view. "It is so easy now for people to get into this line of business...often they do not even seem to realise the value of the information they have," said Mr Krebs.

The sheer number and value of the credit card transactions which take place online provide both greater incentive and greater opportunity to thieves, according to internet security firm Symantec. The company, which produces an annual report on online threats, found that, in 2008, there were two billion credit card transactions in the UK, worth a total of £126.3bn.

Mr Krebs explained that the majority of black market transactions take place in private, in online chatrooms or via instant messengers, but he said they might be initiated in public. One seller contacted by The Independent posted a message on his Twitter account, inviting bids for a "0-Day" - a weakness in a website, programme or app's security or a tool for exploiting a weakness.

That seller initially tried to broker a deal over a botnet when contacted by this newspaper. He said he expected the system, which he claimed automatically configures computers to take part in a Denial of Service attack (DoS), to sell for around £12,500.

In a bid to demonstrate the power of the botnet, the developer briefly took down a predesignated website, ostensibly via a DoS and achieved in a fraction of the time more traditional methods would be expected to take. He talked of his pride in his device saying that he felt it was worth "much more" than £12,500 but admitted he would have to be realistic and take the price he could get. "I'm just after the money, man," he said.

The cost of the basic details of a credit card is significantly lower, he said. Symantec reports that a single card can be bought for as little as 4p but, in some cases, could go as high as £60 per card, depending on the information available and the type of card on sale.

As part of its latest Annual Internet Security Threat Report, it said: "The wide range in prices may be a reflection of simple supply and demand, where higher bulk availability results in lower prices and rarer cards are advertised at higher prices. Main factors that influenced the prices included: the amount of information included with the card, rarity of the card type, quality or validity of the card, type of card, and bulk purchase sizes.

"As in previous years, corporate accounts were typically advertised for a higher price than personal accounts as these bank accounts often have larger balances than those of personal accounts."

The anonymous seller claimed that his most common customers are "private black marketers. People that run businesses that can use this to increase their profits or to give themselves an advantage over their competitors.

It is impossible to say whether recent high profile attacks on the likes of the Sony PlayStation Network, which have exposed personal data, including credit card details have themselves provided a greater supply of information on sale or a greater demand for hacking tools.

However, figures from Symantec suggest that the average number of web attacks has increased from a little more than five million per day at the beginning of January 2009, to a little fewer than 20 million per day in late 2010. Its latest report notes that, as people gain better protection against older methods of cyber attack, so must developers continue to advance their "toolkits" in a bid to "remain competitive and successful".

Arts & Entertainment
Madonna in her music video for 'Like A Virgin'
music... and other misheard song lyrics
News
newsOverheard in Waitrose: documenting the chatter in 'Britain's poshest supermarket'
News
The energy drink MosKa was banned for containing a heavy dose of the popular erectile dysfunction Levitra
news
News
Much of the colleges’ land is off-limits to locals in Cambridge, with tight security
educationAnd has the Cambridge I knew turned its back on me?
Sport
Australia's Dylan Tombides competes for the ball with Adal Matar of Kuwait during the AFC U-22 Championship Group C match in January
sportDylan Tombides was diagnosed with testicular cancer in 2011
Sport
Steven Gerrard had to be talked into adopting a deeper role by his manager, Brendan Rodgers
sportThe city’s fight for justice after Hillsborough is embodied in Steven Gerrard, who's poised to lead his club to a remarkable triumph
News
Ida Beate Loken has been living at the foot of a mountain since May
newsNorwegian gives up home comforts for a cave
Extras
indybest10 best gardening gloves
News
Russia's President Vladimir Putin gives his annual televised question-and-answer session
peopleBizarre TV claim
Arts & Entertainment
tvIt might all be getting a bit much, but this is still the some of the finest TV ever made, says Grace Dent
Arts & Entertainment
Comedian Lenny Henry is calling for more regulation to support ethnic actors on TV
tvActor and comedian leads campaign against 'lack of diversity' in British television
News
Posted at the end of March, this tweeted photo was a week off the end of their Broadway shows
people
News
peopleStar to remain in hospital for up to 27 days to get over allergic reaction
Arts & Entertainment
The Honesty Policy is a group of anonymous Muslims who believe that the community needs a space to express itself without shame or judgement
music
News
Who makes you happy?
happy listSend your nominations now for the Independent on Sunday Happy List
Life & Style
life
Have you tried new the Independent Digital Edition iPad app?

Day In a Page

How I brokered a peace deal with Robert Mugabe: Roy Agyemang reveals the delicate diplomacy needed to get Zimbabwe’s President to sit down with the BBC

How I brokered a peace deal with Robert Mugabe

Roy Agyemang reveals the delicate diplomacy needed to get Zimbabwe’s President to sit down with the BBC
Video of British Muslims dancing to Pharrell Williams's hit Happy attacked as 'sinful'

British Muslims's Happy video attacked as 'sinful'

The four-minute clip by Honesty Policy has had more than 300,000 hits on YouTube
Church of England-raised Michael Williams describes the unexpected joys in learning about his family's Jewish faith

Michael Williams: Do as I do, not as I pray

Church of England-raised Williams describes the unexpected joys in learning about his family's Jewish faith
A History of the First World War in 100 moments: A visit to the Front Line by the Prime Minister's wife

A History of the First World War in 100 moments

A visit to the Front Line by the Prime Minister's wife
Comedian Jenny Collier: 'Sexism I experienced on stand-up circuit should be extinct'

Jenny Collier: 'Sexism on stand-up circuit should be extinct'

The comedian's appearance at a show on the eve of International Women's Day was cancelled because they had "too many women" on the bill
Cannes Film Festival: Ken Loach and Mike Leigh to fight it out for the Palme d'Or

Cannes Film Festival

Ken Loach and Mike Leigh to fight it out for the Palme d'Or
The concept album makes surprise top ten return with neolithic opus from Jethro Tull's Ian Anderson

The concept album makes surprise top ten return

Neolithic opus from Jethro Tull's Ian Anderson is unexpected success
Lichen is the surprise new ingredient on fine-dining menus, thanks to our love of Scandinavian and Indian cuisines

Lichen is surprise new ingredient on fine-dining menus

Emily Jupp discovers how it can give a unique, smoky flavour to our cooking
10 best baking books

10 best baking books

Planning a spot of baking this bank holiday weekend? From old favourites to new releases, here’s ten cookbooks for you
Jury still out on Manchester City boss Manuel Pellegrini

Jury still out on Pellegrini

Draw with Sunderland raises questions over Manchester City manager's ability to motivate and unify his players
Ben Stokes: 'Punching lockers isn't way forward'

Ben Stokes: 'Punching lockers isn't way forward'

The all-rounder has been hailed as future star after Ashes debut but incident in Caribbean added to doubts about discipline. Jon Culley meets a man looking to control his emotions
Mark Johnston: First £1 million jackpot spurs him on

Mark Johnston: First £1 million jackpot spurs him on

The most prize money ever at an All-Weather race day is up for grabs at Lingfield on Friday, and the record-breaking trainer tells Jon Freeman how times have changed
Ricky Gervais: 'People are waiting for me to fail. If you think it's awful, then just don't watch it'

Ricky Gervais: 'People are waiting for me to fail'

As the second series of his divisive sitcom 'Derek' hits screens, the comedian tells James Rampton why he'll never bow to the critics who habitually circle his work
Mad Men series 7, TV review: The suits are still sharp, but Don Draper has lost his edge

Mad Men returns for a final fling

The suits are still sharp, but Don Draper has lost his edge
Google finds a lift into space will never get off the ground as there is no material strong enough for a cable from Earth into orbit

Google finds a lift into space will never get off the ground

Technology giant’s scientists say there is no material strong enough for a cable from Earth into orbit