Executive’s Guide to the Business of Malware

Download the Whitepaper


Cyber thieves, like their non-virtual counterparts, are in it for the money. It’s an aspect of hacking that’s missed when we focus on the techniques and cool tricks hackers use to get into and move around systems. Like regular thieves, after they grab the goods, hackers monetize their stolen data by going to a “fence”—basically a broker who can match criminal buyers and sellers

The cyber world has its own version of a fence, one which is far better organized than in the non-digital crime world. There are hidden marketplaces on the web, known as the “dark exchanges”, where stolen data is sold at the retail level to lesser thieves. Credit card numbers along with other PII can be purchased at the equivalent of eBay for the criminal class.

Cybersecurity research firm Privacy Affairs publishes an annual survey of stolen PII prices by scraping current price data from these dark web sites. For 2021, we know that credit cards with proven account balances of $2000 can fetch up $240 per card, stolen Bitcoin accounts go for over $300, and hacked bank logins are valued at $80. Prices vary greatly by country with some countries, such as Australian and Japan getting premiums.

In this paper, we’ll look more closely at how these dark exchanges influence the types of data that’s targeted. And we’ll also see why ransomware attacks have become a major new source of income for hackers. To begin, let’s examine these dark markets and how the buying and selling of stolen data is actually carried out.