New Techniques Pave Way for Dark Web Marketplaces to Flourish
One month ago, the Dark Web’s top marketplace closed shop, and it happened peculiarly with very little fanfare. With no warning, the presumed leader of White House Market (WHM) dropped a letter on the site, thanking the merchants and customers and notifying them that user registrations and ordering were disabled.
You've probably never heard of White House Market. But for users of the dark web, it was the go-to online marketplace for illegal drugs and fraudulent credit cards. Then suddenly the site shut down. https://t.co/32OSZ8kCIo
— WIRED (@WIRED) November 1, 2021
While the U.S. Justice Department and Europol announced last week the results of Operation Dark HunTor, which targeted and disrupted Dark Web marketplaces, there is no direct link to the sudden close of WHM. There was no sting resulting in a high-profile arrest, like what happened to the suspected leader of DarkMarket in early 2021. In fact, it was the closure of DarkMarket that led to the dominance of WHM.
Now with the shuttering of WHM, the buyers and sellers of identities, credit card numbers, drugs, stolen goods, and most other illicit goods and activities that you can think of will move to other markets. There are several candidates to become the new king of Dark Web markets, from Monopoly and Versus, which the shutdown letter from WHM recommended, to the return of AlphaBay. AlphaBay was perhaps one of the largest and most successful Dark Web markets until 2017 when its presumed leader was arrested and major servers were confiscated.
An article in Wired, published Monday, 1 November, described the WHM shutdown, and the perhaps lasting contributions from WHM in the evolution of illicit online marketplaces—an evolution that may make it harder to crackdown on such markets.
One hallmark of WHM was that it banned certain categories of sales, including child pornography, arms sales, murder-for-hire, and fentanyl. The bans were designed to protect WHM from urgent, all-out efforts from law enforcement agencies.
In addition, WHM had other inflexible regulations. Transactions required the use of Monero, a hard-to-trace cryptocurrency. All communications had to be encoded using Pretty Good Privacy (PGP) encryption. Users did not keep a monetary account on the platform, unlike many other Dark Web markets that do. Instead, WHM set up a pay-as-you-go system that held funds in an escrow account until all terms had been met.
“Historically, based on 10 years of data, anytime a large marketplace has closed, second-tier marketplaces started to fill in the gaps,” Carnegie Mellon University computer scientist Nicolas Christin told Wired. “White House started like that. You have an evolution from markets and places run by people in the proverbial basement to something that looks a lot more like an industry which is starting to adopt some standard operating best practices.”
WHM appeared to be working and was clearly dominating the market. Without a gotcha arrest, why close up shop? The Wired article offered speculation that Operation Dark HunTor may have applied some heat or perhaps law enforcement investigating WHM were getting close in another undisclosed operation. Christin offered another potential reason: “Anonymity always decreases with time. Just one slip up and you’re done. If your IP address is captured once, it is a disaster. And so there is a perfectly rational behavior, which is to quit while you're ahead.”
While WHM may be gone, Dark Web marketplaces are not. Bitglass is a data protection company that recently replicated a study from 2015 on monitoring illicit data on the Dark Web. One of its findings was that in the six years since the first study, bad actors have become more efficient at marketing stolen data.
The volume of views and the velocity of the data as it traveled through the Dark Web compared to 6 years ago has made it clear that the usage of the Dark Web has grown. These are likely a confluence of several factors that range from an increasing number of breaches occurring, to more avenues to monetize exfiltrated data. These economics are likely going to embolden hackers and cybercriminals even further to continue their efforts to steal data, which can lead to monetary gain or notoriety.
"The Bitglass Threat Research Group ran the experiment again and compared the 2021 results to those back in 2015. What they found was interesting, enlightening and alarming."
— bitglass (@bitglass) October 21, 2021
Read Blog 👉 https://t.co/7ba3rdR1YF
Read Report 👉 https://t.co/Z8tTViWnPe
Wired summarized the effect of WHM like this: “White House Market’s most lasting impact will likely be that it established a higher industry standard for operations security and customer service among dark net market platforms, making transactions harder to trace and providing a smoother experience for online black market users. …This is the new breed of dark net markets—one that will make the next big international takedown much harder to pull off.”
