What’s for Sale on the Dark Web (and How AI Is Changing the Marketplace)
The dark web is a thriving marketplace where illicit goods and services are bought and sold by actors that range from nation-state threat groups to teenage hackers. This underground economy ranks as the world’s third largest and poses a significant threat to businesses, requiring constant attention from IT professionals. The rise of artificial intelligence (AI) has had a transformative impact on the dark web, just as it has in many other areas. Understanding how cybercriminals profit on the dark web and how AI has fundamentally changed the game is essential for IT professionals developing effective defense strategies.
Are you feeling overwhelmed by IT tasks? Let us show you how to reduce your security workload! GET TIPS>>
Examples of dark web price points
Like in legitimate economies, pricing on the dark web reflects a dynamic interplay of supply, demand and competition. These examples illustrate typical pricing for common items and services available in dark web markets. Understanding these price points can help IT professionals anticipate threats and prioritize cybersecurity defenses to protect valuable assets.
Example pricing of goods and services on the dark web as of 2024
| Item or service | Estimated pricing |
| US ID (physical form) | $150 – $160 |
| EU passport (physical) | $3,800 |
| DDoS attack: 20,000 – 50,000 requests per second for 24 hours on a protected website | $200 and up |
| High-success rate malware | 1,100 to $1,800 |
| Mastercard (PIN included) | $20 |
Source: Privacy Sharks
Get to know the players, commodities and places that are shaping today’s dark web. DOWNLOAD EBOOK>>
A brief catalog of the goods & services available on the dark web
A wide variety of goods and services, from hacking to designer knockoffs, are available on the dark web. These examples illustrate the breadth of the shopping that’s available in dark web markets:
Cybercrime-related services
Similar to the Software-as-a-Service (SaaS) model, a panoply of cybercrime services are available on the dark web.
- Cybercrime-as-a-Service (CaaS) is an umbrella term that encompasses a galaxy of specialized cybercrime service providers. The industry has transformed the cybercrime landscape, making it a snap for even novice cybercriminals to conduct dangerously sophisticated attacks against businesses.
- Ransomware-as-a-Service (RaaS) platforms, run by cybercrime gangs or independent operators, offer preconfigured ransomware tools that enable bad actors to launch attacks with ease while the platform operator takes a share of the ransom.
- Phishing-as-a-Service (PhaaS) platforms have made conducting sophisticated phishing campaigns cheaper and easier than ever. A subscription to a Phishing-as-a-Service (PhaaS) platform gives bad actors access to everything they need for successful phishing from slick branded email templates to full-service concierge operations.
The CaaS world also includes Distributed Denial-of-Service (DDoS) attack tools, exploit kits, credential stuffing services and brokers selling stolen credentials and data.
Learn how to minimize phishing risk with AI & automation in The Anti-phishing Email Security Buyer’s Guide GET IT>>
Hot commodities
Shoppers can easily purchase just about anything on the dark web, from fake designer purses to medical records or even a whole new identity. These are some of the major commodities that are bought, sold and traded on the dark web.
Fullz: Complete sets of personally identifiable information (PII), often referred to as fullz, are hot items. Bad actors can use fullz to facilitate identity theft and commit fraud, like opening a fake bank account to launder money.
PII, PMI and other personal data: PII, protected medical information (PMI) and similar data are highly sought after on the dark web. Medical records can be used for insurance fraud and blackmail while personal details power spear phishing and identity theft.
Intellectual property and proprietary data: Proprietary business data, including contracts and invoices, can fuel business email compromise (BEC) attacks. Intellectual property, like patents, trademarks blueprints and proprietary designs, are also highly valued.
Zero day exploits: Software vulnerabilities that are unknown to the vendor are very desirable and often used for espionage or major cyberattacks.
National security data: Nation-state actors value sensitive government information, including power station schematics, military capacity data and intelligence reports.
Illicit trade: Non-cybercrime illicit commerce on the dark web includes designer knockoffs, weapons, drugs, endangered species and human trafficking.
Uncover today’s worst phishing threats and see smart strategies to keep businesses out of trouble. GET EBOOK>>
4 ways AI has impacted the dark web economy
The widespread adoption of AI by cybercriminals has significantly impacted the pricing for cybercrime, reshaping the underground economy in several ways.
Increased accessibility and automation
AI has lowered entry costs for budding cybercriminals, making sophisticated attacks cheaper and more accessible. For example, AI-driven phishing kits are now available for as little as $50 to $500, compared to higher prices in the past when technical expertise was required. AI automates tasks like cracking passwords, creating deepfake identities or generating phishing emails at scale. This reduces the labor costs for cybercriminals, which in turn lowers the price of these services on the dark web.
Shift in data value
Data analysis is an area where AI shines the most. AI-driven tools can sort and analyze stolen data for precision targeting, increasing the value of highly specific datasets like financial information or corporate credentials. Such curated data fetches higher prices, while bulk, unsorted data has seen price declines due to oversupply. AI’s ability to estimate the potential profitability of stolen data has led to variable pricing based on the victim’s perceived financial worth or the value of their corporate access.
Specialization of services
AI’s analysis capabilities makes it easier for bad actors to mount precisely tailored attacks, like crafting detailed phishing emails using language models or targeting vulnerabilities in specific software. This customization increases the price for specialized services, even as generalized services like bulk credential sales become cheaper.
AI is also increasingly used to identify zero-day vulnerabilities, which are rare and valuable. Prices for these exploits remain high, often exceeding $1 million, driven by their scarcity and utility for targeted attacks.
Market saturation and competition
As the entry bar into cybercrime is lowered, the market has become increasingly saturated for low-tier goods like stolen PII or subscription credentials, pushing prices down. Savvy sellers are turning to AI to differentiate their offerings, with services such as AI-enhanced tools with support or guaranteed higher success rates, which can slightly increase prices for premium services.
While AI has lowered costs for some aspects of cybercrime, it has also created new challenges for defenders, as attacks become more complex, precise and scalable. As AI advances, bad actors increasingly exploit it to carry out sophisticated cyberattacks, reshaping the underground economy while creating complex challenges for defenders.
Learn how to identify and mitigate malicious and accidental insider threats before there’s trouble! GET EBOOK>>
Fight back against dark web danger with cutting-edge security solutions
Mitigating risk is a complex proposition in today’s rapidly evolving landscape. Our security solutions arm IT professionals with the tools they need to protect systems and data without breaking the bank.
Our robust, affordable security solutions equip IT professionals with cutting-edge tools that help them mitigate dark web risks and protect sensitive data. With smart automations that streamline tasks, you can stay ahead of emerging threats while focusing on what matters most: protecting your organization.
BullPhish ID: This effective, automated security awareness training and phishing simulation solution provides critical training that improves compliance, prevents employee mistakes and reduces a company’s risk of being hit by a cyberattack.
Dark Web ID: Our award-winning dark web monitoring solution is the channel leader for good reason. It provides the greatest amount of protection around with 24/7/365 human- and machine-powered monitoring of business and personal credentials, including domains, IP addresses and email addresses.
Graphus: This automated anti-phishing solution uses AI and a patented algorithm to catch and quarantine dangerous messages. It learns from every organization’s unique communication patterns to continuously tailor protection without human intervention. Best of all, it deploys in minutes to defend businesses from phishing and email-based cyberattacks, including zero day, AI-created and novel threats.
Schedule a demo of BullPhish ID, Dark Web ID and Graphus: BOOK YOUR DEMO>>
Read our case studies and see how MSPs and businesses have benefitted from using our solutions. READ NOW>