- Статьи
- Internet and technology
- Buy - Hack: How the cybercrime market on the darknet will change in 2025
Buy - Hack: How the cybercrime market on the darknet will change in 2025
Hacker subscription services and virus modification services are growing in popularity on the darknet, and a market for cheap malware is taking shape - cybersecurity experts have warned about these trends for 2025. The trends are alarming to experts as the tools for hackers become more accessible over time. For details on how the cybercrime market in the darknet will change in 2025, read Izvestia's article.
What are the main trends in the cybercrime market?
A new study of the darknet market was published by specialists from Positive Technologies. Experts noted that today it shows signs of a legal structure with high competition, which, in turn, encourages sellers to improve the quality of goods and services, build client relationships and strengthen positions.
One of the key trends experts named as the spread of the subscription model in the segments of malicious software (MSS), phishing and DDoS attacks. Under such subscriptions, attackers gain access to specific toolkits, instructions and technical support for a certain period of time. According to Positive Technologies, this model may soon spread to the exploits (vulnerabilities) segment and cover all shadow forums.
Another important trend is the evolution of the VPO market, which was used in 65% of all cyberattacks in Q3 2024. Today, analogs of legal file verification services are appearing on the darknet, which enable attackers to bypass various security systems. In addition, the modification of viruses "to order" for specific attacks and victims is gaining popularity. In parallel, there is a market for cheap VPO, especially encryptors that can be used to attack small and medium-sized businesses.
When the cybercrime market began to emerge on the darknet
The cybercrime market in the darknet appeared in the late 2000s - early 2010s, says Sergei Polunin, head of the group for the protection of infrastructural IT solutions at Gazinformservice, in a conversation with Izvestia. There were several prerequisites for this: first, various anonymous networks, including Tor, began to appear. Without relative anonymity, it was not so popular to do something illegal on the Net.
- The second point is the emergence and popularization of reliable cryptocurrencies, such as bitcoin," says the expert. - Here, too, everything is clear: you have to pay for services, and the classical banking system and anonymous transfers are incompatible concepts.
These two factors were enough to launch the darknet as it is known today. According to Sergei Polunin, various hacker forums existed before: for example, in the 1990s, hacking tools or ready-made exploits were sometimes posted even on free hosting sites, and no one opposed it.
Over time, however, law enforcement agencies in most countries began to pay attention to this threat, and cybercriminals moved to the darknet. By the early 2010s, there were full-fledged marketplaces for hacker services and programs (for example, the infamous Silk Road), various sites for trading stolen data, and much more.
- In the 2020s, we are already talking about so-called professionalization: today, hacker services are much more organized than before, selling cybercrime as a service and offering a huge variety of related services - from targeted hacking to technical support for clients," emphasizes Sergey Polunin.
Key players in the cybercrime market on the darknet
Any shadow markets, including the darknet, operate on the principle of the usual ones: there are sellers and buyers for a certain niche, experts from the Threat Intelligence Department of F.A.C.C.T. said in a conversation with Izvestia. The main difference is that on the darknet, both are criminals who break the law.
- It is impossible to single out specific users who form the market here, as everything happens anonymously," experts say. -It should also be taken into account that over time the vector of the main services is shifting: from carding (fraud with payment cards - "Izvestia") to selling access or source codes of various VPOs. Each sphere has its own "consumer", and each pursues its own goals: hacktivism, extortion, sale or purchase of VPOs, carding, and so on.
Yuri Duboshay, cyber intelligence expert at Angara SOC, adds that hacker groups or loners can act as the main sellers on the cybercrime market on the darknet, and scammers or other hackers who require highly specialized services can act as buyers. In turn, Alina Bayramova, an analyst-researcher of cybersecurity threats at R-Vision, notes that there are three main directions in the cybercrime market today.
First, it is subscription to specialized services, which for a fixed monthly fee provide access to tools for attacks: DDoS, phishing and account hacking. The second direction is the development of unique viruses and ransomware that are difficult to detect by anti-virus programs. Finally, we can highlight the sale of users' personal data: logins, passwords, banking information and information about compromised systems.
- As an example, we can cite the story of Ridge Security, which developed a tool for automating penetration testing - RidgeBot," says the expert. - This product is capable of independently finding and exploiting vulnerabilities in systems. However, it should be noted that RidgeBot was freely available on shadow resources, where it can be purchased for only $1,000.
According to Alina Bayramova, this leak made the automated tool available to attackers, which may have serious consequences. In particular, cybercriminals can use it to steal confidential company data and later demand a ransom for its return.
How dangerous is the development of the cybercrime market on the darknet?
Speaking about the prospects for the development of the cybercrime market on the darknet in 2025, Sergei Polunin draws attention to three main trends. The first is the lowering of the entry threshold. Today, you don't need to be a hacking guru to log on to the darknet and choose a service - it's no more complicated than ordering a pizza delivery. And you can pay with cryptocurrency, which many people are also starting to use.
- The second is globalization: buyers and sellers are anonymous, but today they don't even have to live in the same country and speak the same language," says the Izvestia interlocutor. - And the third is the growth in the quality of services. Professional hackers not only do their job well, but also provide high-quality technical support for customers, which is something that salespeople in ordinary stores sometimes do not do.
Alina Bayramova adds that the cybercrime market is becoming more and more systematic: vendors offer complex platforms for buying tools and launching attacks. The cost of such attacks starts at $20,000, but their profit potential is very high. This is attracting more and more people to illegal activities.
- The only way to counter the development of the cybercrime market is to strengthen the security of companies and their solutions," says Anton Averyanov, CEO of ST IT Group and TechNet market expert for the National Technical Initiative (NTI). - Hacking is a very expert topic, if we are not talking about exploiting known vulnerabilities.
The problem is that in many solutions these vulnerabilities are open or there is no security at all. This leads to a massive proliferation of VPOs. If companies invested more in security, the hacking software market would not be able to grow so much: the opportunity to hack or break something would only be in unique cases with long preparation, the expert concludes.
Переведено сервисом «Яндекс Переводчик»
