Threat Management, Incident Response, Network Security, TDR

Study: cannabis, pharmaceuticals, MDMA most exchanged goods on deep web

An analysis of the top 15 vendors across all marketplaces on the deep web showed that cannabis, pharmaceuticals and MDMA are the top three most exchanged goods.

According to a recent study by Trend Micro, the three make up more than 63 percent of the goods sold by the deep web's largest venders. LSD, meth, mushrooms, heroine, seeds, video games and stolen account information equally account for the remaining nearly 37 percent. The security firm conducted the study to reach a solid consensus of activities on in the dark web as well as how it is used.

Christopher Budd, global threat communications manager at Trend Micro, told SCMagazine.com that “well over a quarter of the linkages from the dark web to the surface web led back to child exploitation sites.” Budd explained that shutting down sites like Silk Road isn't enough to eliminate illicit online activity.

“If you take down one marketplace that doesn't stop this, you take one down and one pops back up,” he said.

Researchers also found an abundance of Bitcoin money laundering services and malware such as the banking Trojan VAWTRAK and Cryptolocker.

“A year ago Cryptolocker was pretty dormant but in the past four to six months it's made a comeback,” Budd said. “The tools to get regular people onto the deep web have improved," making it easier for criminals to, for example, instruct victims on how to connect to pay ransoms that would be difficult for authorities to trace.

But not everything on the deep web is dark. “The drugs and the assassinations get the headlines but there's more to it,” Budd said. “It isn't all about crime; the deep web is also a place where people go to speak with anonymity about politics or news and other interests.”

The study found that once after removing nearly 22,000 HTTP and HTTPS protocols, the 100 that remained were were Internet Relay Chat (IRC) and Internet Relay Chat Secure (IRCS) protocols. These protocols are often used as chat servers or as a communication channel for botnets.

The study also found that 62.36 percent of content on deep web domains is in English. Despite more content being in English, there were more URLs in Russian. Of the websites viewed in the report, 41.4 percent of the of the URLs were in Russian while 40.74 percent were in English. The study credited the abundance of Russian URLs to a particularly large Russian forum not linked to malicious activity and which was active at the time of the study.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.