Analysis

Is this new zero-day dark market the real deal?

Davey Winder takes a look at the latest market to appear on the dark web and ponders whether it's a sting operation...

Yet another dark web market has emerged to fill the gap left by the demise of the Silk Road and Silk Road 2, or at least that's the way it would appear, with concern within the security industry over the discovery of TheRealDeal Market.

Just like the now infamous, and deceased, Silk Road markets, TheRealDeal operates within the Tor network space to supposedly stay under the radar and provide anonymity for those who trade within it. Unlike the Silk Road incarnations, though, TheRealDeal isn't primarily concerned with the sale of illegal drugs; instead it is concentrating on the trade in zero-day exploit code. That isn't to say there are no drugs, weapons and stolen credit card data sets for sale, but rather that these are not the main focus of the site.

What this means is that you will find ready-to-roll exploit code which targets (according to the seller) the recently revealed MS15-034 Microsoft IIS Remote Code Execution vulnerability and is being sold with the necessary research data to enable the purchaser to put it to bad use. Other exploits already up and on offer include zero-day code claiming to target remote database objects in the Apple iCloud, and another exploiting Android's WebView browser.

The creators of TheRealDeal Market claim it has come about in direct response to the number of dark websites that have emerged during the past few years which don't actually have anything of value to sell and are just scams. In order to prevent scams, the site operators have transaction fees and a multi-signature escrow model which requires two of the three parties (buyer, seller and site admin) to sign off a deal before money becomes available for transfer.

Operating for approximately a month now, TheRealDeal doesn't actually appear to be anything that new. After all, it still relies upon the Tor network and Bitcoin for anonymous trading, both of which could prove to be its downfall, as neither prevented law enforcement from infiltrating and ultimately shutting down previously highly successful dark markets. The move away from drugs and weaponry might be seen by some as a tactic to avoid the attention of such law enforcement. However, the reality is that by acting as a broker for premium zero-day code exploits, the radar will be just as powerfully focused upon them.

Such places will always exist while there is a market for cyber criminals looking to purchase exploits, which can be hugely profitable; and it's this profitability question that makes me wonder if TheRealDeal is really anything to worry about. Take that iCloud exploit I mentioned earlier, which is selling for the equivalent of 11,000. Now that may seem a reasonable return. However, consider that the 'market value' of such an exploit (according to industry experts) would be in excess of 75,000, and you either have a real bargain or a scam on the table. Indeed, at that kind of asking price, assuming that's for a one-off sale rather than an any-takers kind of deal, which would dilute the worth very quickly indeed to a serious criminal, the author of the exploit code would surely do better to approach the vendor and claim a security bug bounty.

Even if this dark market is 'the real deal', there remains another hurdle which could prove even harder to vault, and that's the not too small matter of trust. With undercover FBI agents proving to be the downfall of The Silk Road, and plenty of increasingly believable conspiracy theories regarding just how anonymous the Tor network is, trust has to be top of the agenda for potential dark traders. Indeed, there is already some discussion on both sides of the IT security fence as to whether TheRealDeal is in fact a law enforcement sting operation.
