Cyber situational awareness company Digital Shadows has unearthed an “all-in-one” outsourced online shop for cyber-criminals looking for low-cost entry methods to sell their ill-gotten assets.
The firm estimates the total number of shops hosted on Russian-language site Deer.io to be close to 1000, the majority of which selling products that are stolen or from compromised accounts. This is despite administrators insisting they warn their hosted shops not to sell illegal goods and deny all responsibility for any illegal items advertised.
However, the site has been detected as advertised on well-known criminal forums such as Xeksek, AntiChat, Zloy and Exploit, raising suspicions that organizers may be willing to turn a blind eye to some activity and listings.
“This is the continuation of a trend that we’ve been seeing for some time where the barriers to entry for cyber-criminals continue to be lowered,” James Chappell, founder and CTO of Digital Shadows, told Infosecurity. “In particular, this development improves the ability for criminals to sell much more readily.”
Deer.io offers services such as technical hosting including anonymity and security, payment handling, website design and distributed denial of service protection; things that hackers with little or no technical expertise often struggle to orchestrate themselves, so by providing them Deer.io is likely to be very attractive to users with low-technical capabilities, says Digital Shadows.
Chappell explained that this is the first time they have come across this type of ‘all-in-one’ outsourced online shop which provides hosting, design and a payment solution.
“It’s fair to say that the fact that all of these support services are wrapped into a one-stop shop marks a change and is a step up in terms of maturity in the marketplace. It’s also interesting to note that this exists on the surface web, which is a reminder that the dark web does not monopolize criminality.”
Deer.io also clearly seems to be a successful, profitable setup, claiming to have helped to generate more than 240 million rubles (RUB) (around $3.8 million USD) for its customers since at least October 2013. It charges a monthly fee of 500 RUB (approximately $8) to provide customer service and product development, and was observed giving prompt responses to queries. The breadth of offerings and responsiveness almost certainly contribute to the apparent popularity of the service.
Furthermore, the automatic payment system provided – available for Webmoney, Yandex Money and QIWI – enables transactions to occur 24/7 without requiring constant vendor attention.
“The ‘hands off’ nature of the way shops are run simply means criminal transactions can continue uninterrupted. The site seems to have focused on a high level of customer service,” Chappell added.
By Michael Hill