Investigation reveals growth of online black market

The online trade in credit card details, email addresses and tools used in cyber attacks is growing, an
Independent investigation has revealed.

Hackers and scammers are taking advantage of the ease with which they can set up online to make a "comfortable living" dealing on the black market. And some can make nearly £45,000 in a day selling devices used to take down and break into websites, claimed one seller.

"I personally wouldn't call [the trade] 'underground' as underground is defined as secretive. Buying credit cards now is like going up to your local gas station and buying a soda," said the merchant, who was speaking on condition of anonymity.

Experts say that those involved even operate under minimal cover, selling credit card details, names, addresses and passwords. "It's all for sale online, if you know where to look," said Brian Krebs, one of the leaders in research into the online black market.

The former Washington Post reporter, who now runs his own internet security blog, added: "I can point to 22 different sites that are selling stolen credit card data right now, and those are just the sites that I know of. There are plenty of places where you can buy that kind of thing."

He put the industry's growth down, at least in part, to an increase in the availability of what he called "crook-to-crook services"; people with technical expertise being paid to help those without it.

"That would cover services offered by those in the community to those who want to be," he said, adding: "For a small amount of money, you can set yourself up in business, selling stolen personal data. It is almost as easy for people to get started stealing credit card and identity info as it is for them to just go buy it online.

Although accurate figures do not exist, it is though that there is a greater number of people involved in the underground trade, both from the buyer's and seller's point of view. "It is so easy now for people to get into this line of business...often they do not even seem to realise the value of the information they have," said Mr Krebs.

The sheer number and value of the credit card transactions which take place online provide both greater incentive and greater opportunity to thieves, according to internet security firm Symantec. The company, which produces an annual report on online threats, found that, in 2008, there were two billion credit card transactions in the UK, worth a total of £126.3bn.

Mr Krebs explained that the majority of black market transactions take place in private, in online chatrooms or via instant messengers, but he said they might be initiated in public. One seller contacted by The Independent posted a message on his Twitter account, inviting bids for a "0-Day" - a weakness in a website, programme or app's security or a tool for exploiting a weakness.

That seller initially tried to broker a deal over a botnet when contacted by this newspaper. He said he expected the system, which he claimed automatically configures computers to take part in a Denial of Service attack (DoS), to sell for around £12,500.

In a bid to demonstrate the power of the botnet, the developer briefly took down a predesignated website, ostensibly via a DoS and achieved in a fraction of the time more traditional methods would be expected to take. He talked of his pride in his device saying that he felt it was worth "much more" than £12,500 but admitted he would have to be realistic and take the price he could get. "I'm just after the money, man," he said.

The cost of the basic details of a credit card is significantly lower, he said. Symantec reports that a single card can be bought for as little as 4p but, in some cases, could go as high as £60 per card, depending on the information available and the type of card on sale.

As part of its latest Annual Internet Security Threat Report, it said: "The wide range in prices may be a reflection of simple supply and demand, where higher bulk availability results in lower prices and rarer cards are advertised at higher prices. Main factors that influenced the prices included: the amount of information included with the card, rarity of the card type, quality or validity of the card, type of card, and bulk purchase sizes.

"As in previous years, corporate accounts were typically advertised for a higher price than personal accounts as these bank accounts often have larger balances than those of personal accounts."

The anonymous seller claimed that his most common customers are "private black marketers. People that run businesses that can use this to increase their profits or to give themselves an advantage over their competitors.

It is impossible to say whether recent high profile attacks on the likes of the Sony PlayStation Network, which have exposed personal data, including credit card details have themselves provided a greater supply of information on sale or a greater demand for hacking tools.

However, figures from Symantec suggest that the average number of web attacks has increased from a little more than five million per day at the beginning of January 2009, to a little fewer than 20 million per day in late 2010. Its latest report notes that, as people gain better protection against older methods of cyber attack, so must developers continue to advance their "toolkits" in a bid to "remain competitive and successful".

News
Russia Today’s new UK channel began broadcasting yesterday. Discussions so far have included why Britons see Russia as ‘the bad guy’
tv

New UK station Russia Today gives a very bizarre view of Britain

News
John Moore inspired this Coca Cola Christmas advert
people

News
people

Top Gear presenter is no stranger to foot-in-mouth controversy

Arts and Entertainment
Imelda Staunton as Dolores Umbridge in the Harry Potter films
books

New essay by JK Rowling went live on Pottermore site this morning

News
ebooksAn unforgettable anthology of contemporary reportage
Life and Style
Jamie Oliver’s version of Jollof rice led thousands of people to post angry comments on his website
food + drink
Arts and Entertainment
Vividly drawn: Timothy Spall in Mike Leigh’s ‘Mr Turner’
film

Review: Mike Leigh's biopic is a rambling, rich character study

Arts and Entertainment
glastonbury
Arts and Entertainment
Shelley Duvall stars in Stanley Kubrick's The Shining
film
Arts and Entertainment
Shock of the news: Jake Gyllenhaal in ‘Nightcrawler’
film
Latest stories from i100
Have you tried new the Independent Digital Edition apps?

Day In a Page

The drugs revolution starts now as MPs agree its high time for change

The drugs revolution starts now as MPs agree its high time for change

Commons debate highlights growing cross-party consensus on softening UK drugs legislation, unchanged for 43 years
The camera is turned on tabloid editors in Richard Peppiatt's 'One Rogue Reporter'

Gotcha! The camera is turned on tabloid editors

Hugh Grant says Richard Peppiatt's 'One Rogue Reporter' documentary will highlight issues raised by Leveson
Fall of the Berlin Wall: It was thanks to Mikhail Gorbachev that this symbol of division fell

Fall of the Berlin Wall

It was thanks to Gorbachev that this symbol of division fell
Halloween 2014: What makes Ouija boards, demon dolls, and evil clowns so frightening?

What makes ouija boards and demon dolls scary?

Ouija boards, demon dolls, evil children and clowns are all classic tropes of horror, and this year’s Halloween releases feature them all. What makes them so frightening, decade after decade?
A safari in modern Britain: Rose Rouse reveals how her four-year tour of Harlesden taught her as much about the UK as it did about NW10

Rose Rouse's safari in modern Britain

Rouse decided to walk and talk with as many different people as possible in her neighbourhood of Harlesden and her experiences have been published in a new book
Welcome to my world of no smell and odd tastes: How a bike accident left one woman living with unwanted food mash-ups

'My world of no smell and odd tastes'

A head injury from a bicycle accident had the surprising effect of robbing Nell Frizzell of two of her senses

Matt Parker is proud of his square roots

The "stand-up mathematician" is using comedy nights to preach maths to big audiences
Paul Scholes column: Beating Manchester City is vital part of life at Manchester United. This is first major test for Luke Shaw, Angel Di Maria and Radamel Falcao – it’s not a game to lose

Paul Scholes column

Beating City is vital part of life at United. This is first major test for Shaw, Di Maria and Falcao – it’s not a game to lose
Frank Warren: Call me an old git, but I just can't see that there's a place for women’s boxing

Frank Warren column

Call me an old git, but I just can't see that there's a place for women’s boxing
Adrian Heath interview: Former Everton striker prepares his Orlando City side for the MLS - and having Kaka in the dressing room

Adrian Heath's American dream...

Former Everton striker prepares his Orlando City side for the MLS - and having Kaka in the dressing room
Simon Hart: Manchester City will rise again but they need to change their attitude

Manchester City will rise again but they need to change their attitude

Manuel Pellegrini’s side are too good to fail and derby allows them to start again, says Simon Hart
Isis in Syria: A general reveals the lack of communication with the US - and his country's awkward relationship with their allies-by-default

A Syrian general speaks

A senior officer of Bashar al-Assad’s regime talks to Robert Fisk about his army’s brutal struggle with Isis, in a dirty war whose challenges include widespread atrocities
‘A bit of a shock...’ Cambridge economist with Glasgow roots becomes Zambia’s acting President

‘A bit of a shock...’ Economist with Glasgow roots becomes Zambia’s acting President

Guy Scott's predecessor, Michael Sata, died in a London hospital this week after a lengthy illness
Fall of the Berlin Wall: History catches up with Erich Honecker - the East German leader who praised the Iron Curtain and claimed it prevented a Third World War

Fall of the Berlin Wall

History catches up with Erich Honecker - the East German leader who praised the Iron Curtain and claimed it prevented a Third World War
How to turn your mobile phone into easy money

Turn your mobile phone into easy money

There are 90 million unused mobiles in the UK, which would be worth £7bn if we cashed them in, says David Crookes