Besides selling their company’s secret information, researchers also found evidence of rogue staff, in some cases, even working with hackers to infect their company networks with malware.
Kick Ass Marketplace offers a subscription of up to one bitcoin (currently around $950) a month to its clients for giving them access to a variety of “vetted and accurate” insider information that is posted onto the website.
Every post is assigned a “confidence rating,” along with advice on whether to buy and sell stock in the associated company, allowing its clients to cash in on the insider secrets they collected.
In May last year, an administrator of the Kick Ass Marketplace site going by the pseudonym “h3x” was interviewed by DeepDotWeb, claiming that his site had 15 investment firm members, 25 subscribers, 3 hackers and 2 trading analysts who observe financial markets and verify the integrity of stolen data before posting it to the website.
According to the new report “Monetizing the Insider: The Growing Symbiosis of Insiders and the Dark Web” published Wednesday, Kick Ass Marketplace posts about five high confidence insider trading reports every week and makes some US $35,800 a week.
Researchers at RedOwl and IntSights also analyzed another dark web marketplace called “The Stock Insiders” (Onion URL) that only focuses on insider trading opportunities, like recruiting cashiers or other low-end retail staff to cash out stolen credit cards for resellable goods like Apple iPhones.
“In one instance, a hacker solicited bank insiders to plant malware directly onto the bank’s network,” says the researchers Ido Wulkan (IntSights), Tim Condello (RedOwl), David Pogemiller (RedOwl).
“This approach significantly reduces the cost of action as the hacker doesn’t have to conduct phishing exercises and can raise success rates by bypassing many of the organization’s technical defenses (e.g. anti-virus or sandboxing).”
The trio even discovered that one hacker was ready to pay the insider “7 figures on a weekly basis” for helping him gaining access to a bank’s computer.
The activity of company’s insider threats on dark websites has doubled in the last year, which poses a real threat to both consumers and investors, causing greater financial losses than attacks that originate outside the company.
RedOwl and IntSights suggest that corporations should take the insider threat more seriously by making use of IT security systems to carefully monitor their employees without violating their privacy.