The report details an online underground economy that has matured into an efficient, global marketplace in which stolen goods and fraud-related services are regularly bought and sold, and where the estimated value of goods offered by individual traders is measured in millions of dollars. The report is derived from data gathered by Symantec’s Security Technology and Response (STAR) organization, from underground economy servers between July 1, 2007 and June 30, 2008.
The potential value of total advertised goods observed by Symantec was more than $276 million for the reporting period. This value was determined using the advertised prices of the goods and services and measured how much advertisers would make if they liquidated their inventory.
This paper studies an active underground economy which specializes in the commoditization of activities such as credit card fraud, identity theft, spamming, phishing, online credential theft, and the sale of compromised hosts. Using a seven month trace of logs collected from an active underground market operating on public Internet chat networks, we measure how the shift from “hacking for fun” to “hacking for profit” has given birth to a societal substrate mature enough to steal wealth into the millions of dollars in less than one year.