Minimize your digital risk by detecting data loss, securing your online brand, and reducing your attack surface.
A powerful, easy-to-use search engine that combines structured technical data with content from the open, deep, and dark web.
Digital Risk Protection
Read our new practical guide to reducing digital risk.
New report recognizes Digital Shadows for strongest current offering, strategy, and market presence of 14 vendors profiled
Read Full Report
Last week we wrote about the disappearance of AlphaBay dark web marketplace and assessed three potential scenarios to look out for next. We briefly alluded to new models for criminal online commerce, such as those espoused by OpenBazaar. In this blog, we wanted to drill down into the drivers that would contribute to an increased interest in decentralized marketplaces.
AlphaBay’s disappearance has highlighted a continuing problem with the marketplace model: users must trust site operators and other users who are anonymous, willing to commit crimes, and potentially untrustworthy. Other issues with the marketplace model include sites’ vulnerability to law enforcement; by targeting site operators law enforcement agencies can potentially seize servers and gather intelligence on users, shut a site down entirely, or even take it over and run it as a “honeypot”. In this case, a honeypot would be a deception operation in which law enforcement attempts to attract criminal actors engaged in illicit activity to use a law enforcement operated service in order to facilitate information gathering.
An alternative model that precludes many of these issues is presented by P2P decentralized marketplaces, as recent reporting from DeepDotWeb regarding a dark web marketplace project on the Ethereum platform dubbed “Tralfalmadore” has demonstrated.
Decentralized marketplaces use blockchain technology: a project blockchain serves as the back-end for the marketplace, storing the necessary databases and code to support front-end user interfaces. All transactions are made using cryptocurrency and are recorded as smart contracts on the blockchain. This addresses problems with user trust — if all transactions are permanently and immutably recorded, vendors who attempt to scam other users can be more easily identified. Furthermore, platform operators have no control over listings and the platform is split among many nodes, making it highly resilient to law enforcement takedowns or attacks by other criminal actors.
In addition to Tralfalmadore, a project dubbed OpenBazaar has been active since Apr 2016. Despite its advantages over a traditional marketplace, the platform has not been used for criminal activity to any great extent and support for the decentralized model within the criminal ecosystem has remained low. Our monitoring of criminal sites has indicated that a significant proportion of former AlphaBay users have migrated to Hansa, another marketplace platform. Based on an examination of criminal forums and discussion boards, we have identified the following drivers likely to be significant in future development of decentralized criminal marketplaces.
Figure 1 – Table of drivers likely to influence the development of decentralized criminal marketplaces.
We assess that it is unlikely decentralized criminal marketplaces will become widely adopted in the near to mid-term future; at the time of writing, traditional marketplaces and P2P interactions on forums have remained by far the most common platforms for criminal commercial enterprises. Furthermore, no platform with popular appeal to criminal actors yet exists.
However, if projects such as Tralfalmadore are able to become established, they are likely to become more widely used in the long term. Drivers identified in this article are likely to be viable measures for assessing the prospects of newly established decentralized criminal marketplaces.
The potential future emergence of decentralized marketplaces within the criminal ecosystem poses significant challenges for law enforcement agencies and private security vendors. Although public blockchains can be freely mined for data, the very high volume of content is likely to make parsing this information and developing actionable intelligence very technically and logistically challenging. Furthermore, previous law enforcement operations targeting criminal marketplaces or forums have tended to revolve around targeting site operators or geolocating servers and conducting raids; neither of these would likely be effective for targeting a decentralized platform. In this scenario, it would be more effective to target individual prominent vendors or vendor networks and attempt to identify and locate them.
Therefore, although decentralized marketplaces are unlikely to become significant within the criminal ecosystem in the near to mid-term future, they potentially represent a significant longer-term challenge for law enforcement and security vendors.