The dark web continues to harbour cyber-crime, presenting real-world challenges to individuals, corporations, and governments. Global cybersecurity company, Kaspersky, has highlighted growing trends and projected new developments in this area for 2024. Drawing on its deep expertise in threat intelligence and security, Kaspersky has identified several key trends which include cybercriminals utilising deceptive advertisements for malware distribution, a burgeoning demand for crypto asset draining services, and an increase in services providing antivirus evasion for malware cryptors.
Kaspersky observed a considerable increase in extortion activities and stealers on the dark web throughout 2023. The coming year also presents fresh obstacles due to an expected rise in crypto-drainer services, promotional efforts by fraudulent websites via search advertising, and an uptake in malicious loaders.
Reflecting on the past 12 months, Kaspersky's experts noted a sharp increase in ransomware blog posts used for blackmailing companies or revealing new successful hacks. While around 386 such posts would be produced monthly on public platforms and the dark web in 2022, the figure climbed to an average of 476 in 2023, reaching a peak of 634 posts in November alone.
Another troubling development has been the increased risk of leakage for personal and corporate credentials. Kaspersky underscored a rise in posts regarding stealer malware, which cybercriminals use to steal sensitive information. Compromised data often include login credentials, financial details, and personal data. Notably, posts offering logs for the popular Redline stealer tripled from an average of 370 per month in 2022 to 1,200 in 2023. Overall, 2023 saw an almost 30 percent rise in the volume of various malware log files, containing compromised user data posted on the dark web.
Looking forward, Kaspersky anticipates cybercriminals to increasingly utilise search engine advertising to promote malware-embedded websites. While previously reliant on phishing emails, cybercriminals now use Google and Bing ads to ensure their malware-embedded landing pages secure top positions in search results. Kaspersky predicts a significant rise in these deceptive practices.
The company also expects a growing demand for crypto-drainer services. These kinds of software are designed for swift and automated withdrawal from legitimate crypto wallets to those controlled by malicious actors. The sustained interest in cryptocurrencies, NFTs, and related digital assets is likely to drive the proliferation of these drainers.
Beyond this, Kaspersky experts anticipate an increase in services providing anti-virus evasion for malware, evolution in loader malware services, and dynamic market changes in Bitcoin mixers and cleaning services.
"Cybersecurity demands a proactive stance. Monitoring dark web market activities and trends is akin to peering into the enemy's playbook, allowing for early threat detection, understanding adversary tactics, and ensuring you're several steps ahead in terms of cyber defences. It's not just about protection; it's about mastering the evolving threat landscape to fortify against tomorrow's risks and ensure the resilience of corporate security," commented Sergey Lozhkin, Principal Security Researcher, Global Research and Analysis Team (GReAT) at Kaspersky.
The study forms part of Kaspersky's Security Bulletin, an annual series of predictions and analytical reports on key shifts within the cybersecurity world.