(Translated from the original Italian)
Governments want you stay far from hidden web, because they cannot spy on you. Crime in the Deep Web is only as prevalent as it is in the clear web, and we have described it in detail in the upcoming Boo, the "Deep Dark Web".
Of course, the anonymity granted by the Deep Web could encourage and facilitate criminal activities, but at same time it represents an obstacle to the criminal in that, such as for those who desire to steal sensitive information of users or wish to spy on them.
Meanwhile, on the clear web, we are able to find many reports produced by security firms on cyber criminal activities and their related earnings, and we know relatively little about the profits related to the Deep Web.
I've found some interesting research conducted by Carnegie Mellon computer security professor Nicolas Christin on the earnings of one of the most famous black markets in the Deep Web, the Silk Road.
It seems to be able to realize $22 Million in annual revenues related to the drug market. Total revenue made by the sellers has been estimated around USD 1.9 million per month, an incredible business, and also for the Silk Road operators that receive about USD $143,000 per month in commissions.
The experts have examined over 24,400 separate items sold on the popular site demonstrating that Silk Road is mainly used as drugs market, and very interesting also is the composition of the sellers that for obvious need to leave the site within a couple of weeks only to appear again later.
First of all, where is the Silk Road?
Silk Road is a hidden service, but be aware that hidden service doesn't mean that it's difficult to locate, but instead this is the meaning that is used for the service provided in the anonymizing network.
We are faced with a complex economy that has its own electronic currency, the Bitcoin, another issue that we have already discussed. We can consider the market armored due the anonymity mechanisms that it trades on, from the use of the Tor Network to the payment methods.
The study analyzed the evolution of the market in the last months demonstrating the increase in business may be thanks to the aura of mystery that the media give the Deep Web.
The number of sellers of all kind of drugs is passed from 300 in February to around 570 in August.
The analysis was conducted running a crawler program against the website and at the same time monitoring the activities of the site administrator to understand if the monitoring was detected.
The researchers have participated in the forum on the site without noting any sign that demonstrated that their crawler was discovered.
The applications used for the analysis were able to collect all kinds of information related to the products sold such as pricing information and feedback posted by the buyers (surprisingly they found a high level of customer satisfaction, around 97.8%), as well as useful information to estimate the number of sales.
To avoid detection of the measurements, the team used different Tor circuits and have performed analysis randomly during every day.
Which are the most sold products?
The study has grouped the product in categories and has revealed that the "most wanted" items are drugs. The following is the proposed list of the Top 20 categories in terms of items available:
The study has also tried to take a picture of typical seller, of course excluding their identity that is impossible (maybe) to track. First, we specify that due to the anonymous nature of the market place, it is impossible to discern whether certain sellers use multiple seller pages, we can only speculate that a seller will use for convenience a single page .
Most sellers leave the site fairly quickly, but a core of about 4% of them have been on the site for the entire duration of our study, and the majority of sellers are only on the site for less than two months, maybe because they leave the site once they have sold the products or because they move "into stealth mode as soon as they have established a large enough customer base".
Another interesting bit of data is related to the location of the sellers and buyer, information that has been obtained from the list of acceptable shipping destinations of the items.
The following table shows the top 12 locations for both origin and destinations. Most items ship from the United States, with the United Kingdom a distant second and The Netherlands where the government permits narcotics sales.
The study reveals that a majority of items ship worldwide, in spite of the nature of the items, considering that the odds are they get paid only once delivered and that the quantities being sold are generally rather small.
Tthe researchers believe that the sellers use techniques to make package inspection unlikely, for example using vacuum sealing and of course “professional-looking” envelopes with typed destination addresses. In this way it's hard to trace the senders because they also use private couriers to ship the items.
Taking a look to the economic aspects of the black market we must consider first that all transactions are using Bitcoin currency that is notoriously volatile.
Analyzing the evolution of the exchange rate of the Bitcoin against the three major currencies that sellers use in their countries, is possible to note that the Bitcoin exchange rate has remained relatively stable between the end of February and early May, oscillating around 1 BTCUSD 5, and corresponding values in Euros and pounds.
Since then, the Bitcoin has notably appreciated, reaching close to USD 9 since mid-July 2012, with relatively large fluctuations in value. The evolution of product prices closely mirrors the evolution of the Bitcoin exchange rates suggesting some little inflation for these items over the time interval considered.
Experts and law enforcement are conscious that they are faced with an anomalous market where identities are hidden, payments are difficult to trace, where no advertising is made and where the access to the "market place" implies using an anonymizing tool such as a Tor client. Despite all these considerations the study has revealed a string growth of the business, as the market appears in expansion and the number of sellers that use it has dramatically increased.
“It’s a stable marketplace, and overall it’s growing steadily.”
But many users on the site have worried about possible infiltration made by law enforcement, and another source of concern is that several of its high-profile sellers have disappeared.
The possibility to infiltrate a similar market is concrete and for a market place such as Silk Road this represents in my opinion a moderate risk for the worldwide community. The most problematic aspects of similar businesses is that they are controlled by criminal organizations, but the figure proposed are far from able to justify a massive Government intervention, so the problem is how many hidden services like this are in the hidden web?
I believe that governments are working on the possibility to fight this type of cybercrime but are worried by the most dangerous way to use anonymizing networks.
In the reports are also proposed some solutions to stop the market place, but some of them really impractical like the blocking of Tor networks, don't forget that governments primary use these types of networks that they have designed and promoted...
Are market place such as Silk Road an acceptable side effect? More responses in our incoming book on the topic... The Deep Dark Web
Cross-posted from Security Affairs