Darknet without honor: Fraudulent trustees vs. cybercriminals 

Darknet without honor: Fraudulent trustees vs. cybercriminals

Share post

Everything on the Darknet is a business: Cyber ​​criminals run their business there with other cyber criminals. They also use trustees for their payments. But there are fraudulent trustees there too. There doesn't seem to be a code of honor or even crooks' honor. 

Between 2020 and 2022, more than a million messages related to intermediary or trustee services were posted on the dark web. According to a recent Kaspersky analysis, trustees act as third-party intermediaries to support cybercriminals looking to buy, sell, or partner with data and services. They are designed to control the fulfillment of agreements and reduce the risk of fraud. Such trustees receive between three and 15 percent per transaction for these services. However, not everyone seems to be meeting their obligations: a trustee is said to have withheld $170.000.

Trustee scams cybercriminals

Cyber ​​criminals active on the dark web are concerned for their own safety and do not want to become victims of their "colleagues". Therefore, when completing transactions such as the purchase of databases, accounts or company access, they use the brokerage services of trustees. This can be a human or an automated system designed to speed up and simplify relatively ordinary business processes. However, for expensive or atypical cases, cybercriminals use human intermediaries.

The Kaspersky Digital Footprint Intelligence team identified more than a million messages between 2020 and 2022 that mention the use of a trustee (or similar terms like “guarantor”, “middleman” or “intermediary”). These messages accounted for 14 percent of the total number of business-related messages across various dark web networks. However, the percentage of deals with escrow services can be higher, since cybercriminals often discuss detailed terms in person without providing full details in announcements and offers.

3 to 15 percent commission per transaction

"The number of messages mentioning escrow services increased sharply in the second half of 2021 and is related to the dynamics of cybercriminal activity in Telegram channels," said Vera Kholopova, Security Services Analyst at Kaspersky. “Dark web community members flocked there in early 2021 due to the compromise of several popular dark web forums. For most of 2022, we have seen an overall slowdown in shadow resource activity. This may be a consequence of the escalated geopolitical situation that prompted cyber criminals to stop their illegal activities and move with the accumulated funds. Nonetheless, in late 2022 we have seen escrow related activity picking up again.”

Code of Honor on the Dark Web? None!

Despite the rules of communication between cybercriminals in the appropriate forums and “dark web etiquette”, no escrow service protects against fraud. Because both seller and buyer as well as the trustee can violate the business agreements - especially when large sums are involved. For example, Kaspersky experts found a post accusing a trustee of failing to pay a total of $170.000 across four deals.

More at Kaspersky.com


About Sophos

More than 100 million users in 150 countries trust Sophos. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. They offer the lowest total cost of ownership in the industry. Sophos offers award-winning encryption solutions, security solutions for endpoints, networks, mobile devices, email and the web. In addition, there is support from SophosLabs, our worldwide network of our own analysis centers. The Sophos headquarters are in Boston, USA and Oxford, UK.


Matching articles on the topic

Cybersecurity platform with protection for 5G environments

Cybersecurity specialist Trend Micro unveils its platform-based approach to protecting organizations' ever-expanding attack surface, including securing ➡ Read more

Data manipulation, the underestimated danger

Every year, World Backup Day on March 31st serves as a reminder of the importance of up-to-date and easily accessible backups ➡ Read more

Printers as a security risk

Corporate printer fleets are increasingly becoming a blind spot and pose enormous problems for their efficiency and security. ➡ Read more

The AI ​​Act and its consequences for data protection

With the AI ​​Act, the first law for AI has been approved and gives manufacturers of AI applications between six months and ➡ Read more

Windows operating systems: Almost two million computers at risk

There are no longer any updates for the Windows 7 and 8 operating systems. This means open security gaps and therefore worthwhile and ➡ Read more

AI on Enterprise Storage fights ransomware in real time

NetApp is one of the first to integrate artificial intelligence (AI) and machine learning (ML) directly into primary storage to combat ransomware ➡ Read more

DSPM product suite for Zero Trust Data Security

Data Security Posture Management – ​​DSPM for short – is crucial for companies to ensure cyber resilience against the multitude ➡ Read more

Data encryption: More security on cloud platforms

Online platforms are often the target of cyberattacks, such as Trello recently. 5 tips ensure more effective data encryption in the cloud ➡ Read more