The dark web, originally for privacy, is now a hacker’s hub. Explore its inception, hidden corners, and the ongoing fight against cybercrime and anonymity.
It’s not only the Monopoly board game that features Rich Uncle Pennybags. He is seen playing a mascot on Versus Market, a cyber-black market where illegal items are sold. Also, Walter White from Breaking Bad appears as a mascot for the White House Market. He advertises weaponry and stolen financial information for sale. Misusing identities is only the surface of everything illegal in the cyber black markets of the dark web.
Terbium Labs has catalogued over 200 dark web domains as illegal, of which 75 percent are marketplaces. In recent years, the cyberspace black market has been crawling with illicit vendors selling pharmaceutical drugs, counterfeit documents, hacking tools, and stolen data.
A specific black market once recorded around 500,000 user visits, over 2,400 sellers, and more than 320,000 transactions involving 4,650 Bitcoin and 12,800 Monero transfers. However, the illicit cryptocurrency ecosystem has expanded dramatically. As of 2025, illegal crypto transactions include tens of billions annually. Estimates indicate illicit cryptocurrency transactions exceeded $40.9 billion in 2024 and are projected to surpass $51 billion in 2025.Â
Cryptocurrency-enabled online sales of illicit drugs alone grew by over 19% between 2023 and 2024, nearing $2.4 billion. Although traditional darknet marketplaces declined due to law enforcement actions, cybercriminals increasingly use encrypted chat apps like Telegram for illicit sales. Crypto thefts surged past $2.17 billion in 2025, underscoring a continually evolving cybercrime landscape since Bitcoin’s invention in 2009 and its criminal use from 2011 onwards.
The ‘Whack A Mole’ Situation
When millions of usernames and passwords stolen from over 1000 websites appear for sale in a dark web marketplace, the potential for catastrophe is high. Organizations continually strive to shut these markets down permanently, yet another emerges when one black market falls.
- In 2011, Ross Ulbricht launched Silk Road, the first high-profile dark web marketplace, generating estimated revenue of over a billion dollars before its takedown; Ulbricht received a life sentence.
- Alphabay, founded in 2014 by Alexandre Cazes, sold drugs and breached data until his suspicious death in 2017 while in custody.
- Hansa Market was shut down in 2017 by Dutch police who covertly took control and gathered intelligence, leading to numerous arrests.
- In 2021, multiple international law enforcement agencies seized the Slilpp marketplace, which traded stolen credentials and identities, with calculated losses exceeding seven figures. The full impact remains uncertain.
A Closer Look At The Dark Index
Privacy Affairs’ 2021 Dark Web Price Index states that a forged Maltese passport costs about $6,500, while a forged valid security number costs $2. Faces also began appearing, with biometric selfie scans priced at $100 for cyberattacks. Prices vary by risk, buyer benefits, and product quality. A cloned credit card with PIN increased by $10 over the previous year. U.S. hacked credit cards fetched the lowest prices, Israeli ones the highest. Hacked crypto accounts were valued at around $600.Â
Other products include PayPal accounts, DDoS services, deepfakes, counterfeit currency, and vaccine certificates. Deepfake services were $20/minute last year. The rise of fake business documents has led to a 125% increase in application fraud, aided by remote work, making fake company setups easier. This growing sophistication may complicate future law enforcement.
In The Shoes Of A Fraud Analyst
Fraud analysts monitor the dark web to detect suspicious transactions, compromised cards, and fraudulent accounts. They track stolen business registration numbers and watch for fraudulent email or director identities. Analysts face risks themselves, requiring strong corporate credential protection as fraudsters mimic legitimate activities. Analysts use equipment such as card skimmers sold on the dark web for research. Many services may also be scams, necessitating vigilance even among cybercriminals.
Target in Sight: Every Company
Compromised executive emails and signatures can be exploited to send fraudulent documents to banks, causing significant trouble. Contact information, financial records, and access credentials can be exposed on the dark web without breach detection. Historical breaches, like the 2012 LinkedIn hack (117 million compromised accounts) and the 2013 Yahoo breach (3 billion accounts), went undiscovered for years. Amazon sellers lost over $100,000 from a 2017 breach that redirected payments.
The Role of CISOs and CTOs
Dark web marketplaces pose ongoing threats. Experts urge cybersecurity teams to employ proactive dark web monitoring and threat intelligence using platforms like Digital Shadows and Zerofox. Measures like multi-factor authentication and endpoint security are crucial. Some industries, such as airlines, face direct risks of illicit ticket sales on the dark web. Cyber defense strategies specific to dark web threats are increasingly essential. The dark web enables anonymized communications, transactions, and logistics, complicating law enforcement. Despite a 2016 Canadian survey where 71% wished for dark web shutdowns, the dark web remains vital for legitimate privacy uses, including anonymous forums and investigations.
