Cybercrime at scale: Dissecting a dark web phishing kit

Introduction to dark web phishing kits

The internet is like an iceberg: there is a lot more to it than can be seen from the surface. In addition to the surface web (what can be accessed and indexed by search engines), there is the deep web (gated content on internet-connected computers) and the darknet or dark web.

The dark web is often seen as a haven for cybercriminals, but it’s not all bad. The dark web is only accessible via Tor, which was designed by DARPA to protect the privacy of its users. In addition to the criminals, users of the dark web include political activists, journalists and other people who could be persecuted or killed if their identity became known.

However, this isn’t to say that there isn’t a lot of illegal stuff on the dark web. In an Infosec webinar, Cameron Bulanda and Kevin Angeley talked about how easy it is to acquire and use a phishing kit on the dark web.

Purchasing a dark web phishing kit

Dark web marketplaces aren’t somewhere that you can access by firing up Google on your home computer. In order to shop for a phishing kit on the dark web, a few things are necessary:

  • Virtual machine (VM): See above about the dark web being a common haunt of cybercriminals. It’s not somewhere that you want to visit on your actual computer. A VM can be easily discarded after the fact, eliminating the need to clean it of malware.
  • Tor: Tor is the only way to access sites on the dark web. It needs to be installed and properly configured to access any dark web website or marketplace.
  • Cryptocurrency: Cybercriminals often use cryptocurrency for transactions, since it provides a degree of anonymity (more than a traditional bank account). Bitcoin is commonly …

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Howard Poston. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/4-50Ke6RuW4/