The international law enforcement effort has led to a number of dark web takedowns and arrests, a reality that has sent a stern message to darknet cybercriminals that they are not untouchable.
Nonetheless, as much as global police operations have worked to disrupt the dark web economy to some significant degree, it turns out that cybercriminals have been forced to adapt their ways in anticipation of a rapidly evolving cybersecurity environment.
Apart from the majority of cybercriminals resorting to serving only trusted buyers as opposed to pursuing aggressive advertisement goals, threat actors are using innovation to create the next generation of dark web markets and operations.
Innovative Cyber Tools
Darknet markets ensure dynamism as far as the adoption of emerging tools is concerned. A great number of operators are moving to develop new and improved mechanisms to enable dark web commerce beyond law enforcement interference.
In highlight, cybercriminals are always looking to craft new tools for harvesting and exploiting stolen information, particularly personally identifiable information (PII), which will be used in fraud schemes across the world.
In this category, credential stuffing tools top the list of instruments being used by dark web actors to achieve scale and profitability online. The last few years have seen the transformation of credential stuffing tools to become formidable and advanced systems capable of simultaneous applications across multiple domains.
In technical terms, the above-mentioned tools are referred to as “account checkers” that come in different shapes and forms although they all use a similar standard of operation – darknet hackers scan lists of user login credentials to try and figure out a way to access various types of online accounts.
The automated account checkers of this era happen to be highly specialized tools designed to attack different classifications of online platforms, including gaming accounts, payment accounts or even product delivery accounts.
Usually, hackers will test diverse kinds of account checkers before they manage to identify a tool that best compromises organizational and individual cybersecurity to meet their specific cybercriminal needs.
It turns out that credential stuffing depends on the volume of attacks, that is, cybercriminal elements target as many online accounts as they can manage while using as minimal time as possible.
Nonetheless, even though the world of credential stuffing has developed into a complex discipline, there’s a host of cybersecurity mechanisms can be used by organizations to prevent unauthorized criminal access.
2FA Workarounds & Social Engineering
Apart from credential stuffing, cybercriminals have figured out a way to circumvent the two-factor authentication (2FA) security system – they bypass the system to achieve unauthorized account access by effecting changes to a user’s password to skip 2FA.
In addition, SIM swapping happens to be another mechanism used by hackers to bypass the two-factor authentication security system to target users. The technique involves a criminal’s request to the SIM service provider to assign a new SIM card to a mobile account that can be accessed by the cybercriminal.
To succeed, threat actors use simple social engineering techniques to convince a target service provider to grant their request – it often involves the hacker’s knowledge of a target user’s personal information that can be easily harvested by seasoned cybercriminals.
In the event that a hacker succeeds to achieve the desired SIM change, they will then be able to receive critical information that will eventually provide a lead into the sensitive data such as security keys.
Point to note, the recent dark web advancements have widened the scope of operation for most cybercriminals who can now access such tools and services for incredibly low price points. Inexperienced criminals can simply hire seasoned hackers off darknet sites to execute credential stuffing operations.