The Dark Web – Trends to watch for in 2024

The Dark Web garnered a massive number of headlines a few years ago, when its sheer size first became public knowledge. The amount of unscrupulous criminal activity being conducted on the Dark Web was also a key theme.

Since then it's been monitored and raided, and in some instances law enforcement has even managed to shut down large networks within it. But don't be fooled: the Dark Web is here to stay, and these are the current threat trends.

AV evasion for malware (cryptors) will increase

The trend observed in 2023 of services offering antivirus (AV) evasion for malware (cryptors) is expected to persist into 2024.

A cryptor is a tool specifically designed to obfuscate the code present in a malware sample. Its purpose is to make the code undetectable by signature-based scanners, thus enhancing its stealthiness.

The dark market is already replete with such services. Some of these offers are very popular on underground forums.

The spectrum of cryptors ranges from affordable options, priced between $10–$50 per encryption or $100 for a monthly subscription and catering to mass malware distribution with basic, short-lived protection, to premium cryptors costing between $1,000–$20,000 for a monthly subscription.

Tailored for targeted infection, these high-end cryptors provide advanced invasive capabilities for bypassing runtime protection by security solutions.

“Loader” malware services will continue to evolve

The landscape of “loader” malware services is anticipated to continue its evolution, offering increasingly stealthy loaders to cybercriminals.

These loaders, which act as an initial vector for malware infections, pave the way for deployment of stealers, various remote access Trojans (RATs), and other malicious tools.

The key capabilities of these loaders are expected to include robust persistence mechanisms, fileless memory execution, and enhanced resistance to security products.

The ongoing evolution of loaders on dark markets is likely to see the introduction of new versions written in modern programming languages like Golang and Rust in 2024.

This trend signifies a concerted effort by cybercriminals to enhance evasion techniques and improve the efficacy of initial infection vectors.

Crypto asset draining services will continue to grow on Dark Web markets

We anticipate a rise and further advancement in crypto asset stealers, leading to a corresponding increase in ads for their development and sale on the underground market.

The success of malware like Angel Drainer, reportedly used in the attack on Ledger, combined with continuing interest in cryptocurrencies, NFTs, and related digital assets, is expected to fuel the proliferation of such drainers.

This trend reflects the lucrative nature of targeting digital financial assets, making crypto assets an attractive target for cybercriminals.

As interest in, and usage of, these assets grow, so too will the sophistication and prevalence of malware designed to exploit them.

Black traffic schemes will be very popular on underground markets

The trend of utilising Google and Bing ads for fake traffic gathering campaigns is projected to maintain its popularity.

Black traffic dealers, who orchestrate these campaigns by promoting landing pages embedded with malware installers, have been effectively infecting users through these deceptive ads.

These dealers are likely to step up sales activities on the underground market. At the same time, demand for such services is expected to increase, underscoring the effectiveness of mainstream ad delivery platforms for malware distribution and making it a preferred method among cybercriminals for reaching a wider audience.

As a result, we can expect a continued rise in these deceptive practices, posing a persistent threat to online users.

Evolution and market dynamics of Bitcoin mixers and cleaning services

Bitcoin mixers and “cleaning” services are showing signs of a continued rise in prevalence and sophistication.

With increased regulatory scrutiny and enhanced transaction tracking capabilities by law enforcement, demand for services that obscure the origin of Bitcoin funds is expected to grow in the underground markets.

These services, often referred to as “tumblers” or “mixers”, provide threat actors or other nefarious users with the ability to anonymise their cryptocurrency transactions, making them challenging to trace back to the source.

In 2024, we anticipate an expansion in the variety and complexity of these services.

This expansion is likely to be driven by the evolving needs of threat actors seeking to maintain privacy to engage in illicit activities, as well as by the continuous advancement in blockchain analysis tools.

Bitcoin mixers and cleaning services will likely incorporate more sophisticated algorithms and techniques to stay ahead of tracking efforts.

Moreover, the rise in the popularity of other cryptocurrencies with enhanced privacy features might also influence the Bitcoin mixer market.

Service providers could diversify their offerings to include mixing for these alternative cryptocurrencies, further expanding the scope of their operations.


