1 2 Executive Summary Trade of stolen credentials affects real life The cyberattack on the American oil infrastructure company, Colonial Pipeline, occurred in 2021 due to a single compromised password. The compromised password was possibly observed on the Dark Web and was used through a virtual private network account to gain entry to Colonial Pipeline’s network. The billing system was compromised and nearly 100 gigabytes of data were stolen. The pipeline was shut down as a precaution due to the concern that the attackers had obtained data that would allow them to carry out further attacks on vulnerable parts in the system. The fuel shortages affected the flight schedules in the Charlotte Douglas International Airport and in at least five other airports directly serviced by the pipeline. The average fuel prices rose to the highest since 2014 following the shortage, and $4.4 million was paid as ransom 2 . One of these markets, Genesis Market, had been linked to several breaches, including Electronic Arts (EA), the video game publisher. In this instance, the hacker exposed sensitive data and the source code of FIFA 21 3 . The hacker admitted he purchased the login credentials for EA’s Slack account for $10 and then tricked EA’s IT support into granting him access to the company’s internal network 4 . In this report we investigate the markets from a macro level. We start by examination of the top four markets, the volume of each, the infostealers used in these markets. We continue with research of the top companies from four selected sectors, banking, telecommunication, government, and energy, from 20 different countries, primarily in Europe. 1 Of data stolen 100GB Million ransom 4.4$ Flights were rejected Fuel prices have risen Password https://www.cbsnews.com/news/genesis-cybercriminal-market-ransomware/ https://www.reuters.com/business/colonial-pipeline-ceo-tells-senate-cyber-defenses-were-compromised-ahead- hack-2021-06-08/ https://www.vice.com/en/article/n7b3jm/genesis-market-buy-cookies-slack?utm_source=motherboard_twitter 2. 3. 4. 4 The Rise of Dark Web Botnet Marketplaces