Dark Web Diary


Q1 2017

DarkWebDiary.com provides a quarterly list of noteworthy dark web criminal activity occurring globally.


Street crimes are shifting to a deep web that is no longer just for hackers

Dark web criminal activity is a global epidemic

bradcaseyheadshotBrad Casey

Menlo Park, Calif. – Apr. 6, 2017

Identity fraud is arguably the leading crime committed on the dark web. There’s numerous reports of large scale identities-for-sale, with some criminals offering millions of stolen credentials.

The word ‘web’ conjures up images of identity theft, hacktivism, malware, and ransomware, but the dark web is rife with a growing universe of perpetrators engaged in child abuse, child pornography, drug dealing, firearms, fraud, human trafficking, money laundering, terrorism, and vigilantism.

The first edition of the Dark Web Diary provides a composite view of the various types of criminal activities being carried out on the dark web.


Mar. 30.  Apparently, the dark web is dangerous, as cyber experts report entire networks engaging in cyber fraud, child abuse, and other crime.

Mar. 29.  Millions of .edu email addresses are for sale on the Dark Web.  Security experts claim that these email addresses can be used to further a variety of nefarious purposes.

Mar. 28.  One of Australia’s police commissioners slams Facebook for harboring child pornographers, drug dealers, and fraudsters as he seems to equate Facebook with the dark web.

Mar. 24.  Enterprising individuals in the dark web utilize Amazon-like marketplaces to sell items such as credit card information, drugs, and firearms.  All one needs is a special browser and a Bitcoin account.

Mar. 22.  Twenty-two-year-old arrested in New York area as federal authorities say that the accused bought massive amounts of drugs in the dark web, and then attempted to move the drugs via various U.S. Post Offices.

Mar. 22.  A Russian hacker that went by the name ‘Kolypto’ pled guilty in Atlanta for selling the banking trojan known as ‘Citadel’ via dark web forums.  The malware resulted in criminals stealing approximately $500 million.

Mar. 21.  Millions of Bitcoin accounts are for sale in the dark web via a vendor named ‘DoubleFlag’.  The vendor is selling the databases of 11 Bitcoin forums that were stolen between 2011 and 2017.

Mar. 21.  A former Australian attorney is arrested for producing and selling child pornography on the dark web.  

Mar. 16.  Twenty-year-old body builder in the U.K. dies after taking a cocktail of drugs purchased from the dark web.  Some of the drugs found in his system were morphine, sleeping tables, and steroids.

Mar. 15.  According to Cifas, UK identity fraud is at an all-time high.  In the year 2016, 172,919 identity thefts were recorded by Cifas.

Mar. 10.  A Michigan man is sentenced to 30 months in prison after being arrested for purchasing amphetamines, LSD, and mescaline via the dark web.  The currency utilized for the purchase was Bitcoing.

Mar. 09.  The system administrator of the dark web marketplace known as ‘Silk Road’ is to be extradited to the U.S. despite his Asperger’s Syndrome condition.  

Mar. 09.  640,000 Playstation accounts are currently for sale via the dark web.  The vendor selling the accounts goes by the handle ‘SunTzu583’.

Mar. 09.  Anonymous takes down approximately 85% of the dark web as it goes after Freedom Hosting II.  Apparently, Anonymous has a problem with this hosting service providing child pornography content.

Mar. 07.  Due to fears that investigative tactics and techniques could be compromised in court, the U.S. Justice Department decides to drop all charges against a known pedophile.

Mar. 07.  Two suspected terrorists are arrested in The Netherlands after they are caught attempting to purchase Semtex from a dealer in the dark web.  Suspects were first noticed by the FBI, and later reported to the Dutch authorities.

Mar. 07.  Police in Germany are hunting for a 19-year-old child killer after the suspect posted a video on the dark web where he openly bragged about the murder.

Mar. 06.  Ransomware being given away on the dark web for free.  The only catch is that criminals who utilize the malware agree to a 50/50 split with the developer – just to keep everything ethical.

Mar. 06.  Over 1 million Gmail and Yahoo usernames and passwords are for sale on the dark web.  The hacker known as SunTzu583 is reportedly the person who put the items up for sale.


Feb. 28.  A Virginia man is sentenced to 7 years in prison for running a credit card forgery lab in his home.  He would create the credit cards using information purchased via the dark web.

Feb. 27.  Hundreds of MySQL databases have been hit by ransomware that resembles the MongoDB attack from earlier this year.  Victims are told to issue Bitcoin payments to a site within the dark web.

Feb. 23.  Eighteen-year-old male is killed after consuming a designer drug purchased via the dark web.  The drug was sourced to a supplier in Thailand.

Feb. 20.  A Kansas man is sentenced to 52 months in prison for gun running via the dark web.  The primary destination of the weapons was Ireland, Scotland, and Australia.

Feb. 15.  Due to research within the dark web, Recorded Future finds that criminal hacker ‘Rasputin’ has gained access to various university computer systems.  Some universities include Cornell and NYU.

Feb. 10.  In a rather disturbing development, Italian investigators reveal that ISIS is able to purchase U.K. passports via the dark web as they continue to thwart Brexit security.

Feb. 08.  The U.N. warns that the Daesh terrorist group shifting their communications to the dark web.  Much of the group’s recruitment efforts are being carried out via the dark web.

Feb. 07.  Six people from the U.K. are hospitalized after they purchase prescription drugs from dealers within the dark web.  Some of the drugs were alleged to be Oxycontin and Xanax.

Feb. 07.  Vigilantism on the dark web appears to be alive and well, as a hacktivist associated with Anonymous takes down approximately 2,000 sites that provide child pornography content.

Feb. 03.  A man who worked at a drug treatment center smelled opportunity by selling heroin over the dark web to current patients.  He pled guilty in a Seattle courtroom.

Feb. 03.  Investigators caution against writing down too much personal information in doctor’s office as much of this data ends up being sold on the dark web.

Feb. 01.  A report released by RedOwl reveals that various sites within the dark web are actively recruiting individuals from various companies to provide insider information in exchange for pay.


Jan. 31.  Research conducted by RedOwl and Intsights indicates that corporate insider trading via the dark web is on the rise.  Several sites brazenly market themselves to those interested in such activity.

Jan. 31.  Cyber security officials in the UK begin to worry as the BBC demonstrates how easy it is to purchase fraudulent rail tickets via the dark web.

Jan. 27.  Digital Shadows organization discovers a new Rat-as-a-Service tool known as Ripper.cc.  Apparently, the people at Ripper.cc provide a platform for people to ‘rat’ on other hackers.

Jan. 24.  Indian government officials fear an uptick in live streaming of sexually abusive content as the dark web begins to incorporate live streaming into its nefarious tool belt.

Jan. 23. The infamous site for pirated movies known as ThePirateBay has gone down recently.  However, the domain appears to be active within the dark web.

Jan. 20.  A Milford, Conn. man is arrested after obtaining hundreds of child porn videos from the dark web.  The accused was a custodian at a local elementary school.

Jan. 20.  Just when it looked as though humanity couldn’t get any worse, dealers within some of the darkest crevices of the dark web begin to sell sex robots modeled after children.  Some sites sell their product for as much as 1.9 bitcoin.  

Jan. 19.  Fraud is, by far, the most common crime committed in the cyber realm as the proliferation of dark web users continues at a rapid pace.

Jan. 18.  An estranged husband finds it more convenient to kill rather than divorce his wife as he took bids in the dark web for contract murderers.

Jan. 18.  The U.S. Postal Service decides to dip its toe into dark web investigations as it begins to hire intel analysts experienced in cyber investigation.

Jan. 16.  A group that was engaging in cyber fraud is arrested in the UK for obtaining the credentials of various Next customers, and utilizing their information to make purchases.  Purchase of credentials took place via the dark web.

Jan. 09.  In an effort to index sites from the dark web in a manner more easily searchable, the U.S. Department of Defense launches project Memex.  Tools such as Apache Tika are utilized for quicker indexing.

Jan. 09.  A former prison librarian who referred to himself as ‘007’ is arrested for attempting to purchase a Glock 19 on the dark web, but the joke’s on him because James Bond’s weapon of choice was the Walther PPK/S.

Jan. 07.  Dark web drug trading lands two UK men in jail.  The accused would purchase narcotics from Holland, and then make offers via the dark web.

Jan. 06.  A dark web drug dealer is handed a 7 year prison sentence after he is arrested for dealing drugs from his grandmother’s basement.  

Jan. 03.  A UK man is arrested and now faces 20 years in prison for posing as a financier for nefarious individuals via the dark web.

Stay tuned for the Q2 edition of the Dark Web Diary.

Brad Casey is a freelancer writing about any and all things IT and cybersecurity related.


© 2016-2017 Cybersecurity Ventures. All rights reserved. Federal copyright law prohibits unauthorized reproduction of this Report by any means and imposes fines up to $150,000 for violations. Reproduction in whole or in part in any form or medium without expressed written permission of Cybersecurity Ventures is prohibited.