An IntSights Cyber Intelligence threat report, Messaging Applications: The New Dark Web, suggests that apps like Discord, ICQ, Skype, Telegram and Whatsapp offer a convenient mobile platform for criminals, given the availability of group chat. IntSights analyzed thousands of black markets, text storage/paste sites, hacking forums, IRC channels, apps and social media pages, and discovered a steady increase in criminals inviting users to join their messaging groups.
The company estimates that up to hundreds of thousands of users of prominent mobile messaging apps are using them to trade stolen credit cards, account credentials, malware and drugs, as well as exchanging hacking methods and ideas.
In some cases, the dark web marketplaces themselves are leveraging mobile messaging and mobile apps. For instance, in July an advertisement for a new Russian black market, dubbed Matanga, started making the rounds via Jabber, a messaging application. Matanga, which sells a variety of drugs, stolen credit cards, SIM cards and other illegal merchandise, created a dedicated Android app that connects to TOR (The browser people use to visit the Dark Web) utilizing ORbot, thus giving mobile users easy access to the services of the dark web from their devices.
This means that today’s dark web black market is accessible to anybody with a cell phone, which could lead to a proliferation of low-level cybercrime conducted by amateurs. In the past, cyber-criminal communication required an individual to have somewhat specialized equipment and knowledge.
“While the traditional dark web proves to be less-dark than believed, hackers move to the surface web, using platforms such as social-media and mobile apps,” the report noted. “While more traditional forms of communication required an individual to have at least a basic level of knowledge of which sites to visit and how, in addition to the use of a dedicated browser over a desktop computer, today’s black market is accessible more than ever, with the tap of a finger over a portable pocket-held device. This could prove to cause a proliferation of low-level cybercrime, that is conducted by less qualified perpetrators.”
The report also concluded that the monitoring of online criminal activity will become much more challenging as threat actors move from large and centralized black markets and forums to small, closed and distributed networks based on social media groups and/or messaging apps.
Original report published in Infosecurity Magazine.