Well coordinated recruitment campaigns aimed at attracting talented personnel to join cyber criminals’ efforts in financial gain through malicious activity have been found on the dark web.
The dark web has always attracted criminal activity due to its ability to provide anonymity for threat actors which in turn has allowed criminal groups to grow and produce organised cybercrime entities to take a proactive approach to their recruitment.
Between January 2020 and June 2022, security vendor Kaspersky reviewed 155 dark web forums for job postings and applications.
In March 2020, when the first Covid19 lockdown was announced in the UK, there was a wave of redundancies around the world. This presented an opportunity for threat actors to recruit IT-based employees suddenly out of work…and desperate for it.
For some, the dark web remains an exciting and interesting prospect. Even for law-abiding employees, the curiosity and mystique that surrounds the murky underbelly of the web - combined with their newly unemployed status - may have been enough to lure them to the depths of online depravity.
Also, the salary difference between the legitimate economy and the illicit economy of the dark web is similar for the IT positions that Kaspersky reviewed.
However, there are a number of other reasons that make illicit jobs attractive.
They can be more accessible to those with less experience, or to those who have prior criminal convictions and therefore struggle to find work due to these past misdemeanors.
Elsewhere, dark web jobs enable digital nomads to work anonymously from countries in which cyber-criminal activity goes beneath the radar somewhat, but also because policing the dark web is almost impossible due to its vast size. Employees operating illegally in this arena may never be exposed unless they erroneously ‘come up for air’.
Some recruitment posts were particularly attractive and offered instant bonuses for each successful assignment.
While various roles are required to maintain a widescale cyber operation, the highest in demand positions were for developers to create custom malware and tooling, penetration testers for gaining access to and further compromise the victim, as well as designers for creating credible lures, login pages and landing sites for social engineering attacks.
So, who knew? LinkedIn has a dark cousin lurking underground. But don’t read this article and think ‘I might try that’. The dark web is a dangerous place. It’s like Mos Eisley, the villainous spaceport on the planet of Tatooine in Star Wars. For none Star Wars fans, think of it as a hive of felons, organised crime groups and people you do not want to mix with.
As Obi-Wan Kenobi said to Luke Skywalker, “You will never find a more wretched hive of scum and villainy. We must be cautious." He could so easily have been talking about the dark web.
Still unsure what the dark web is all about? Read our blog, 'What is the dark web? The dark web defined and explained'.
Reporting
Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).