- Confidential and Proprietary - Luminar Annual Threat Landscape Report Page 15 4.1.2 Maintenance and Security Since the beginning of 2021, it was reported that several Russian-language forums have been breached by competitors. The breaches were publicly disclosed elsewhere, with some instances of user data being leaked or put up for sale. Such events can result in user data being compromised, leading cybercriminals and their customers to fear that their identity and location could be revealed and their connections to illegal websites exposed. 35 In a similar fashion, marketplace owners must keep their physical assets protected, which requires them to tend to security vulnerabilities, as protection and trust in the platforms are critical for users and vendors alike. Versus Market is one example of a popular marketplace that had to shut down due to a security flaw. In May 2022, the English-language Dark Web marketplace shut down after discovering a severe exploit that could have allowed access to its database and exposed the IP address of its servers. 36 In addition, user disputes on forums may cause significant implications for vendors. For example, if a user claims a vendor scammed him, the forum moderator will probably require the vendor to pay a fine. According to a report that was published recently, the underground platforms host a wide array of fraudsters, who successfully extract millions of dollars annually from other cybercriminals. 37 Also, the community nature of many cybercriminal platforms raises the risk of other threat actors doxxing (revealing identifiably information such as real names, addresses, mobile numbers and social media profiles, among others) a vendor, if they believe he had defrauded them or if the two sides have some disagreements. For example, in late May 2022 we identified an article that was reposted multiple times on several Russian-speaking Dark Web forums about a person allegedly behind two groups that sell malware. The article accused that person of being a scammer, claiming that he had simply copied old projects and sold them as new ones. Ultimately, that individual’s personal details (real name and aliases) were exposed. The maintenance of such platforms requires a great effort, which urges some marketplaces owners to shut them down altogether. During 2021, at least three Dark Web marketplaces were shut down. In December 2021, ToRReZ marketplace, which launched in February 2020 and claimed to have had more than 160,000 registered users, was shut down. In early October 2021, White House Market announced it shut down its operations almost two years after it was launched. In November 2021, Cannazon market also shut down its operations. While the first two marketplaces’ admins did not 35 https://intel471.com/blog/mazafaka-hacked-cybercrime-forums-exploit-crdclub-verified/ 36 https://www.bleepingcomputer.com/news/security/darknet-market-versus-shuts-down-after-hacker-leaks- security-flaw/ 37 https://www.darkreading.com/threat-intelligence/metaparasites-the-dark-web-scammers-turn-on-their- own