View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
April 20, 2018updated 07 Jul 2022 5:56am

Facebook and Google “Inspired” $1.5 Trillion Dark Web Entrepreneurs

Platform owners rake in profits; criminals less so.

By CBR Staff Writer

Cybercrime revenues now rival the GDP output of major world economies at a colossal $1.5 trillion annually, according to an independent academic study published today.

Surrey University’s Mike McGuire spent six months researching cybercrime profit distribution for his “Web of Profit” report; speaking with GCHQ, the FBI, Europol, global financial institutions and covert security workers that have infiltrated the dark web.

Data is the Commodity

His research, sponsored by endpoint security company Bromium, points to an emergence of “platform criminality”, mirroring the “platform capitalism” model, in which data is the commodity.

According to the criminology lecturer: “This is creating a kind of ‘monstrous double’ of the legitimate information economy – where data is king. The web of profit is not just feeding off the way wealth is generated there, it is reproducing and, in some cases, outperforming it.”

The report points to the success of modern ‘platforms’ – companies like Facebook, Google and Amazon as inspiration for the criminals.

“The main contribution of platforms is to connect individuals with a service or product. The platforms produce nothing themselves in this process, but the end-user consumers provide platforms with the most precious of all commodities within an information-based economy – their data. We are now seeing the same thing in the cybercriminal underworld,” he said.

Who Profits?

The report shows that cybercriminal platform owners are likely to receive the biggest benefit from this new wave of cybercrime, and that the owners will distance themselves from the actual commission of crime. Managers can earn up to $2 million per job – often with just 50 stolen card details at their disposal.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

The criminology lecturer refers to this as a shift to “post-crime” reality, where cybercriminals are taking a “platform capitalism” approach to selling, rather than committing crime. He found criminal sites offering ratings, descriptions, reviews, services, and even technical and customer support.

These platforms are improving the criminal “customer experience” and allowing easy access to services and products that support the commission of crime on a global scale.

Dark Web

The risk of getting hacked is rising. Credit: Kaur Kristjan, via Unsplash.

Exploiting Exploits

Some examples of services and products include:

  • Zero-day Adobe exploits, up to $30,000
  • Zero-day iOS exploit, $250,000
  • Malware exploit kit, $200-$600 per exploit
  • Blackhole exploit kit, $700 for a month’s leasing, or $1,500 for a year
  • Custom spyware, $200
  • SMS spoofing service, $20 per month
  • Hacker for hire, around $200 for a “small” hack

These platforms fuel industrial scale revenue generation, with their own sets of digital currencies and exchanges, production zones, tools supply, technical support, global distribution mechanism and marketplaces, the report claims.

Even advertising is a core revenue generator too: before being taken down in 2016, the ‘Kickass Torrents’ platform was worth over $54 million, with estimated $12.5-$22.3 million annually in ad revenue alone, he notes.

$3.5 Million for Terrorists

Connections between cybercrime and terrorism also proliferate, he found.

The report highlights one case where cybercrimes were committed specifically to generate revenues for terrorist activities. “One British-born follower of Al Qaeda, who provided technical assistance to the terror group in relation to uploading videos, quickly realized that his technical skills could also be used to commit cybercrimes,” McGuire explains. “He began to acquire stolen credit card numbers through transactions on online forums, such as Cardplanet, gathering over 37,000 separate card data files and generating more than $3.5 million in revenues.”

Gregory Webb, CEO of Bromium. “The walls between the criminal and legitimate worlds are blurring, and we are no longer simply dealing with ‘hackers in hoodies.’ We have to understand and tackle the underlying economic ecosystem that enables, funds and supports criminal activity on a global scale to stem the tide and better protect ourselves. By better understanding the systems that support cybercrime, the security community can better understand how to disrupt and stop them. New approaches to cybersecurity will be required.”

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU