2.1 2.2 2.3 2.4 2.5 Conclusions 1 2 Bot Market Research As part of this report, we wanted to better understand the new evolving world of the bot markets. We collected an enormous amount of data to answer several questions: which market is the most dominant, which infostealer is used the most, which sector is the most exposed and what country is the most exposed in each sector and in general in these markets. Dominant market Dominant sector As we have seen, Russian Market is the most dominant out of the four investigated markets, accounting for 71% of the login credential sale offers observed in 2021. The next more active market was 2easy Market with 13% of the login credentials offered for sale, followed by Amigos Market with 10% and lastly Genesis with 5%. When it comes to infostealers, not all markets expose which stealers are behind the collected login credentials. As discovered, Redline infostealer provided 32% of the login credentials, making it the top infostealer as compared to the others. Due to the malware’s accessibility and reliability, we believe we will keep seeing it as a prime source on the bot markets in the future. In the matter of sectors, we found that the telecom sector was the most exposed sector in the markets out of the investigated sectors with 45% of the login credentials relating to this sector in 2021. We also compared the data over the years and discovered that the telecom sector demonstrated higher numbers of offers compared to the other sectors between 2019 and today. Spain was the most exposed country at the banking sector. France was the country that was most exposed at the telecom, energy, and government sectors. As we expected, the large western countries, such as France, Italy, Germany and Spain, received the highest number of login credentials offers traded online. These countries are more developed, their number of customers is higher compared to the least developed countries, and therefore they possess a higher risk and a higher value target for criminals. We expect to see these countries, along with other western countries, such as Canada and the USA, being a main target of hackers and APT groups in the future. 20 The Rise of Dark Web Botnet Marketplaces The Rise of Dark Web Botnet Marketplaces 20