The lifespan of most darknet illicit markets is very limited. While some remain active for years, most only stay online for months. With the recent shutdown of Dreammarket and Wall Street, many people are currently asking themselves: are darknet illicit markets still relevant? We believe the answer is yes.

Evolution of online illicit markets

The first online illicit markets were created in the 80s. Back then, most transactions were in kind or for virtual goods (ex. information for software). Some allowed for the sale of products and software, but payment was slow and risky as individuals had to ship money through the mail.

Over the past 20 years, online illicit markets moved to discussion forums, chat rooms and more recently darknet illicit markets. Each iteration and evolution was motivated by disruption efforts by law enforcement. It had one goal in mind: improve the security and anonymity of transactions on online illicit markets.

Anonymizing technologies

The most sophisticated illicit markets today are hosted on the Tor network and recommend that their users route their connection through VPNs and other anonymizing technologies. They encrypt all the communications to protect against the seizure of servers. They trust no one so they use multisignature cryptocurrency wallets that are unseizable and anonymous.

These are impressive technologies. By and of themselves, they have not however prevented law enforcement from identifying offenders, arresting them and seizing servers. Large vendors on the darknet have been successfully targeted by months and years long international investigations. These involved time-tested techniques of following the money and confidential informants which take time and energy.

FBI announcing coordinated operation that identified multiple cybercriminals.

The success of this strategy has been published on the front page of many newspapers. What we rarely hear about, however, are all the offenders who evade detection and arrest because of the technology they use and more importantly their grasp of operational security.

Trust in technology, not people

No investigation has so far demonstrated a weakness in encryption, the Tor network or cryptocurrencies. Arrests and seizures are always about a problematic use of technology. Offenders understand this and believe that they know better than others. That they know how to remain under the radar and to operate without leaving any identifying trace. Operating in such a way requires a constant concern over security which few individuals can maintain over long periods of time.

This dichotomy between the security and anonymity that technology provides and the way that these technologies are actually used in real life explains all the drama and events we have witnessed over the years with online illicit markets being shut down, running exit scams or remaining active for long periods.

Offenders will always find value in online illicit markets and will believe that they will be the one to make it big without being arrested. Given the important resources needed to lift the veil of secrecy provided by technology, this has been a bet that most offenders could win. Very few were ever arrested because of their online activities. But the repeated events such as the closure of Dreammarket and Wall Street remind us all how fragile online anonymity can be and that even the best security in the world does not protect from victimization or arrest.

Subscribe to our blog to stay up to date on the darknet and cybersecurity.

Related articles

Comments are closed.