As the name suggests, a dark web marketplace is a site that offers (mostly illegal) products and services in exchange for payment. On escrow marketplaces, anyone with enough cash to pay the “vendor bond” can sign up and start selling. Imagine the dark web equivalents of Amazon or eBay, except with less reputable products and payments typically made anonymously using cryptocurrencies. As these examples demonstrate, there are a vast variety of goods and services for sale - ranging from hacking services, to counterfeit goods, to weapons - but especially drugs. Click on the marketplace names to learn more.
As the name suggests, a dark web marketplace is a site that offers (mostly illegal) products and services in exchange for payment. On escrow marketplaces, anyone with enough cash to pay the “vendor bond” can sign up and start selling. Imagine the dark web equivalents of Amazon or eBay, except with less reputable products and payments typically made anonymously using cryptocurrencies. As these examples demonstrate, there are a vast variety of goods and services for sale - ranging from hacking services, to counterfeit goods, to weapons - but especially drugs. Click on the marketplace names to learn more.
Autoshops are a particular type of dark web marketplace that specialize in the sale of digital products - such as financial data, login credentials, remote access, and cookies. They differ from escrow marketplaces in two main ways. Firstly, the transaction is automated (hence the name), meaning that there is little to no contact with the seller. Secondly, there are usually far fewer vendors active on the site, suggesting a somewhat closed ecosystem unlike the “open applications” ethos of escrow marketplaces. Autoshops are also more likely to operate on the clear web but often have some form of entry barrier, such as requiring a minimum account balance or an invite from a known user.
Autoshops are a particular type of dark web marketplace that specialize in the sale of digital products - such as financial data, login credentials, remote access, and cookies. They differ from escrow marketplaces in two main ways. Firstly, the transaction is automated (hence the name), meaning that there is little to no contact with the seller. Secondly, there are usually far fewer vendors active on the site, suggesting a somewhat closed ecosystem unlike the “open applications” ethos of escrow marketplaces. Autoshops are also more likely to operate on the clear web but often have some form of entry barrier, such as requiring a minimum account balance or an invite from a known user.
Dark web forums are very similar to their clear web counterparts in almost every way, except for the content they discuss. Indeed, some began life on the clear web before migrating to the dark web to evade surveillance or censorship, though others continue to maintain a clear web presence. As with marketplaces, forums cover the breadth of wider criminal activity. However, these examples show that in particular there is a thriving community of cybercriminals on dark web forums, sharing information, tutorials, access, and exploits. Some of these forums have been around for decades and, while the cybercriminal landscape has changed drastically, the perseverance of the markets shows that the dark web community remains very much the same.
Dark web forums are very similar to their clear web counterparts in almost every way, except for the content they discuss. Indeed, some began life on the clear web before migrating to the dark web to evade surveillance or censorship, though others continue to maintain a clear web presence. As with marketplaces, forums cover the breadth of wider criminal activity. However, these examples show that in particular there is a thriving community of cybercriminals on dark web forums, sharing information, tutorials, access, and exploits. Some of these forums have been around for decades and, while the cybercriminal landscape has changed drastically, the perseverance of the markets shows that the dark web community remains very much the same.
As ransomware groups have become increasingly prolific over the past five years, one of the “newer” aspects of the dark web has been ransomware leak sites. These are effectively publicity sites where ransomware groups share the details of their latest victims. However, they also play an important role in how these groups orchestrate and monetize their attacks. Traditional ransomware tactics of encrypting data and holding it “ransom” changed when the groups realized that organizations were equally as fearful of the data being leaked. This has led to the rise of “double extortion”, where groups encrypt an organization’s data and also threaten to publish it - on their dark web leak sites. These sites provide the ransomware operators with a platform to accept payments from the victims, and a space to shame them if they don’t pay.
As ransomware groups have become increasingly prolific over the past five years, one of the “newer” aspects of the dark web has been ransomware leak sites. These are effectively publicity sites where ransomware groups share the details of their latest victims. However, they also play an important role in how these groups orchestrate and monetize their attacks. Traditional ransomware tactics of encrypting data and holding it “ransom” changed when the groups realized that organizations were equally as fearful of the data being leaked. This has led to the rise of “double extortion”, where groups encrypt an organization’s data and also threaten to publish it - on their dark web leak sites. These sites provide the ransomware operators with a platform to accept payments from the victims, and a space to shame them if they don’t pay.