Dark Web Cybercrime Trends and Tactics in 2023

Introduction

In this article, we will delve into the world of the dark web and explore the latest trends and tactics employed by cybercriminals in 2023. The dark web, with its anonymised web traffic, serves as a platform for both illegal activities and the promotion of free speech and open access to information. Understanding the evolving strategies of attackers can help cybersecurity teams strengthen their defences and protect against potential threats.

Dark Web Activity is on the Rise

The dark web continues to witness a surge in activity, with over 2.5 million daily visitors in 2023. It is estimated that more than half of these visitors engage in illegal activities. What is even more concerning is the recent increase in daily dark web visitors, which rose by 200,000 to reach 2.7 million in April 2023.

There are several reasons behind this surge in dark web usage. One factor is the rise in extortion exposure attacks, which has driven journalists and organisations to the dark web to check extortion exposure sites. Additionally, the availability of malware-as-a-service options has empowered cybercriminals with limited programming skills to engage in cybercrime. The anonymity provided by the dark web also attracts whistle-blowers who wish to share sensitive information with news outlets. Mainstream publications like the New York Times maintain a presence on the dark web to receive such tips, while other publications worldwide leverage the dark web to circumvent government-imposed Internet censorship. For instance, during the Russian-Ukraine conflict, citizens used dark web versions of social media to share information when traditional access was blocked.

The increased use of the dark web has also benefited cyber extortionists, who rely on traffic to their data leak portals and seek to build relationships with the mainstream media. It is evident that criminal activity on the dark web continues to grow, emphasising the need for organisations to enhance their security posture and defend against potential attacks.

Law Enforcement Crackdowns on the Dark Web

Law enforcement agencies have intensified their efforts to combat cybercrime on the dark web, resulting in significant victories in the past year. The establishment of the Joint Criminal Opioid and Darknet Enforcement Team (JCODE) in 2018 marked the beginning of coordinated international initiatives that have yielded noteworthy results. In May 2023, the Justice Department announced the success of Operation SecTor, a multinational operation aimed at disrupting fentanyl and opioid trafficking on the dark web.

Over the course of 2023, law enforcement agencies have dismantled various criminal entities operating on the dark web. The Hive hacking group was taken down in January, followed by the dismantling of the Genesis dark web marketplace and the arrest of 120 suspects in the spring. In early summer, the EncroChat mobile criminal forum was also busted. These achievements can be attributed to the adoption of sophisticated techniques that enable investigators to trace cryptocurrency wallets and mixers, facilitating the tracking of payments exchanged in dark web markets and other illicit activities. Despite these successes, cybercriminals continue to adapt and evolve their strategies.

Increasing Security Measures on the Dark Web

In response to the heightened law enforcement activities, accessing dark web hacker forums has become increasingly challenging. Forum administrators have always been cautious about newcomers and visitors, screening them to identify potential law enforcement agents. However, recent crackdowns have prompted dark web operators to enhance their vigilance and scrutinise applicants more thoroughly. Prospective members are now required to pass stringent verification and vetting processes, which may involve obtaining references from trusted members or verification tokens from reputable forums.

Moreover, some dark web forums and marketplaces now demand a significant cryptocurrency down payment to grant access to their services. This heightened security posture adopted by cybercriminals indicates their determination to remain active in the face of increasing law enforcement scrutiny, rather than exiting the cybercrime business.

Rise of Rating Services on the Dark Web

The prevalence of “exit scams” amongst dark web marketplaces has led to the growing popularity of rating services. Exit scams occur when marketplace operators abruptly shut down, absconding with funds from escrow wallets and leaving buyers and sellers empty-handed. To mitigate the risks associated with such scams, dark web visitors have turned to platforms like Dread, which resembles a dark web version of Reddit. Dread provides users with information on reputable dark net markets and their locations. By consulting Dread, individuals can gauge the credibility of various marketplaces. For example, during a recent visit to Dread, we discovered that the ViceCity dark web market was in the midst of an exit scam, while the Abacus market garnered nearly perfect customer reviews for its criminal offerings, ranging from guns and drugs to stolen data, forged documents, and hacker services.

Dread employs feedback percentages and ratings similar to those found on clear websites, enabling dark net vendors to establish their reputation within the criminal community.

Dealing with Dark Web Exposure

While it is not possible to scan the entire dark web comprehensively, scanning services can provide some insights and partial results. These services typically comb through data available on various dark web sources, offering useful information, particularly regarding historic breach data. However, they may not be effective in identifying recent breaches. For the latter, public sites like https://haveibeenpwned.com/ can be valuable resources for individuals to check if their information has been compromised.

If your information is found on the dark web, here are some steps you can take:

1. Don’t Panic! It is essential to remain calm and composed when faced with the discovery of your information on the dark web.
2. Change your passwords and create unique, strong replacements. Password reuse is a significant risk, as it increases the vulnerability to credential hacking attacks. Utilise a password manager to suggest and securely store passwords.
3. Enable strong multifactor authentication (MFA) whenever possible. MFA adds an additional layer of security to your accounts, making it more challenging for attackers to gain unauthorised access. Refer to our MFA tip sheet for more detailed guidance.
4. Stay vigilant against phishing, smishing, and vishing attempts. Once your information is exposed on the dark web, you may experience an increase in social engineering attacks, often accompanied by personalised information. Regular cybersecurity awareness training, including mobile security and phishing simulation tests, is crucial for organisations. Additionally, criminals are increasingly using stolen employee mobile phone numbers to launch attacks on employer networks, making mobile security best practices essential.
5. Monitor your credit report for any unauthorised activity or accounts if your personal information is stolen. Consider freezing your credit report for a year following a data breach to prevent unauthorised individuals from opening new loan or credit card accounts in your name.
6. Enhance security measures for financial accounts and mobile providers. Add additional authentication steps, enable challenge questions, and restrict access or privileges that are unnecessary.

By following these steps, individuals and organisations can mitigate the risks associated with dark web exposure and protect their sensitive information.

Conclusion

Understanding the latest trends and tactics employed by cybercriminals on the dark web is crucial for cybersecurity teams. In 2023, dark web activity is increasing, with criminals finding new ways to exploit the platform. Law enforcement agencies have also stepped up their efforts, resulting in notable successes in combating cybercrime. However, cybercriminals continue to adapt, employing enhanced security measures to evade detection. Dark web rating services have emerged as a valuable resource for individuals seeking reputable marketplaces while navigating the risks of exit scams. By staying informed and implementing robust security measures, individuals and organisations can fortify their cybersecurity defences and mitigate the risks associated with dark web cybercrime.