COVID-19 Has Seriously Disrupted Dark Web Operations and Markets

By Bill Toulas / April 3, 2020

At the same time when some crooks have found an opportunity to cash out on people's fear of the Coronavirus pandemic, some dark web actors are experiencing a severe disruption of their malicious operations. The world has come to a stop right now, and, inevitably, large chunks of fraudulent activity cannot continue at the time being. Digital Shadows has dived deeper into the matter and provides some insights on what is going on right now at the darker side of the internet.

The first sector to have stagnated due to the COVID-19 outbreak is travel fraud. Platforms such as "Club2CRD" have announced they have nothing going on right now, as nobody is traveling, and the borders between countries are closed. Previously, the website was tricking people into giving their credit card details to travel-themed phishing websites and was then selling the data on their forums. The story is about the same with event-based carding and phishing websites that sold fake tickets to events. With all the events canceled, there's nothing left to use for these actors.


Source: Digital Shadows

Another category of actors that have been adversely affected is the "dropworkers," who were visiting banks and withdrew money from stolen accounts. Since banks are closed now, there's no "cashing out" going on. Finally, Amazon has stopped shipping all non-essential items to focus its available resources on things such as foods and medicine. It means that dark web marketplace vendors can no longer deliver their goods to buyers, and the business has stagnated as a result. This will last for a long time, as the COVID-19 outbreak in the United States hasn't culminated yet, so all these actors are looking for alternative ways to make money. Less skilled crooks who were doing this as a full-time job are expressing their desperation now.


Source: Digital Shadows

Some are turning to malware distribution, others to Coronavirus-themed scams and phishing campaigns, others to Magecart operations, some to ransomware, and many are selling masks and even vaccines to gullible people! However, adaptation is not easy for everyone, and those who were engaged in the less tech-savvy field of operations - such as the dropworkers or the money-mules - are having the biggest problem right now. Hopefully, when things return to normal, these persons will reconsider their life and career choices.

For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: