What happens with your most sensitive information when cybercriminals get their hands on it? It goes up for sale on the Dark Web, of course.
These breaches are alarming, and evoke uncertainty about how secure our information is with even the largest and most trusted names in the digital world.
What exactly is the Dark Web?
First founded in 2000 in the form of Freenet, the notion of the Dark Web began as a decentralised online platform free from government censorship.
From its inception it attracted users who sought more privacy than the traditional internet could offer as it enabled users to interact anonymously.
This need for privacy was revolutionised by the creation of Tor in 2002. Tor is a network that performs various encryptions and redirections that make users virtually untraceable with the specific aim of avoiding government surveillance because, believe it or not, online government ‘spying’ was already a big deal in the late 1990s and early 2000s.
Malicious intent, however, was not central to the motivations of the early users and creators.
In fact, one of the first things called for when Tor gained traction was the ability for people under oppressive regimes to be allowed access to the Dark Web so they could browse and interact without censorship.
It was at this point that the ability to bypass government firewalls came into the fold and as you may guess, gave considerable freedom for those seeking to take advantage.
A central concern remained the potential for transactions to be easily traceable by governments. That was until 2009 and the creation of Bitcoin.
Bitcoin’s increased privacy compared to centralised currency paved the way for illegal marketplaces to spawn around the Dark Web and until today these marketplaces are where the illicit trade of various goods and services are hosted, such as, for example, the trade of personal information of those subject to data breaches.
Vendors, storefronts and alarming ease of access
The vendors in many of these marketplaces seem quite casual about their trade.
These storefronts, as one example below shows, seem almost like those you would find on your average second hand website like Gumtree or Ebay and appears unaware of the fact that it is trading illegal information worth millions.
These nefarious platforms even have review systems similar to those on standard online stores:
In my research I was somewhat disconcerted at the ease with which I was able to gain access to the Dark Web.
The platform looked similar to a standard Internet Explorer that could be navigated quite easily and explored with limited forum research and a bit of time spent clicking back and forth.
The apparent ease with which these vendors are able to sell their goods and buyers are able to access them is quite frightening and could be cause for concern over the widespread use of cryptocurrency, which is the backbone of this underground economy.
Most of these marketplaces are transitioning to the Monero cryptocurrency, which provides even more privacy than Bitcoin.
Yet, notwithstanding the ability for illicit trade created by the Dark Web, crime will exist as much without the internet and crypto as with it, and the most we as everyday users can do is to be certain our personal data is secure.
A deep dive into the illicit marketplaces on the dark web done by Zachary Ignoffo for Privacy Affairs reveals the average prices your information sells for.
The table below is as updated on May 9 2021.
|Dark Web Price Index|
|Category||Product||Average Price (ZAR)|
|Credit Card Data||Cloned Mastercard with PIN||R350|
|Cloned American Express with PIN||R500|
|Cloned VISA with PIN||R350|
|Credit card details, account balance up to $1,000 (R14,110)||R2,100|
|Credit card details, account balance up to $5,000 (R70,547)||R3,400|
|Stolen online banking logins, minimum $100 (R1,411) on account||R560|
|Stolen online banking logins, minimum $2,000 (R28,219) on account||R1,700|
|Hacked (Global) credit card details with CVV||R500|
|Payment processing services||Stolen PayPal account details, minimum $100 (R1,411)||R420|
|Stolen PayPal account details, minimum $1,000 (R14,110)||R1,700|
|PayPal transfers from stolen account, $100-$1,000 (R1,411-R14,110)||R700|
|PayPal transfer from stolen account, $1,000 – $3,000 (R14,110-R42,328)||R4,800|
|PayPal transfers from stolen account, $3,000+ (R42,328+)||R2,550|
|Stolen PayPal account details, no balance||R200|
|50 Hacked PayPal account logins||R2,800|
|Crypto Accounts||Hacked Coinbase verified account||R8,600|
|Crypto.com verified account||R4,200|
|Blockchain.com verified account||R4,400|
|Binance verified account||R5,800|
|Social Media||Hacked Facebook account||R920|
|Hacked Instagram account||R630|
|Hacked Twitter account||R500|
|Hacked Gmail account||R1,100|
|Instagram followers x 1000||R70|
|Spotify followers x 1000||R30|
|Twitch followers x 1000||R70|
|LinkedIn company page followers x 1000||R170|
|Pinterest followers x 1000||R60|
|Soundcloud plays x 1000||R15|
|Twitter retweets x 1000||R350|
|Instagram likes x 1000||R70|
|Hacked Services||Uber driver hacked account||R200|
|Uber hacked account||R110|
|Netflix account – 1 year subscription||R620|
|Various adult site accounts||R60|
|Canva Pro yearly||R85|
|Adobe Creative Cloud 1 year||R2,250|
|eBay account with good reputation (1,000+ feedback)||R14,100|