Resecurity Released a Status Report on Drug Trafficking in the Dark Web (2022-2023)

Cybersecurity firm Resecurity published report on drug trafficking marketplaces currently operating in the Dark Web

Resecurity, a Los Angeles-based cybersecurity and risk management provider has released an eye-opening report on drug trafficking marketplaces currently operating in the Dark Web. The report highlights a rapidly growing shadow economy, and new communication methods such as proprietary Android-based mobile apps criminals developed allowing them to migrate from traditional communication channels.

According to experts, following the takedown of the Hydra Marketplace by Germany’s Federal Criminal Police Office in a joint operation with the FBI, DEA, IRS Criminal Investigations, and Homeland Security Investigations (HSI) in April 2022, at least 10 darknet markets (DNMs) have risen to fill the regional void for drugs and other illicit goods.

Resecurity outlined a new marketplace called “Kraken”, which emerged right at the start of 2023 following the Christmas holidays and was designed in Hydra’s best tradition. Launched by the WayAWay Market founders, it has already accumulated over 1,720 reputable sellers and shops selling illicit goods.

At the end of 2022, major Dark Web drug markets were worth an estimated $315 million annually according to the United Nations Office on Drugs and Crime (UNODC). Resecurity estimates this figure to be significantly higher in 2023, the annual sale of illegal drugs on the Dark Web for 2022 exceeded $470 million – which is the result of increased geopolitical tensions, global pandemics, and the unprecedented growth of the international shadow economy.

The Resecurity® Hunter unit performed an extensive analysis of current trends and dynamics related to the underground economy around active DNMs leveraging technical means and human intelligence (HUMINT) sources. The research aims to provide awareness for international law enforcement, cybercrime investigators and intelligence professionals.

Based on the details provided in the released report over the summer of 2022, most pop-up markets on the dark web were primarily fighting for brand recognition, much like a ‘cyber-90s’ type of environment. Resecurity detailed the increasing tensions between different influence groups behind illegal marketplaces in Dark Web – attacking each other, performing DDoS attacks and trying to abuse the reputation of competitors to capture a bigger market share.

Notably, a dominating number of actors moved from the now closed Hydra to new marketplaces, and have started leveraging alternative digital channels – customized mobile apps and Instant Messengers (IM) including Telegram. Some channels have been identified by Resecurity; they are oriented towards English / German speaking audiences. The ecosystem of drug sales on the Dark Web pose threats internationally, several epicenters primarily concentrated in Eurasia and Central Asia and actively used for drugs trafficking are outlined in the report.

Resecurity has identified multiple drug shops on the Dark Web providing customers with customized Android-based mobiles with pre-installed apps used for purchases and secure communications, as well as sending instructions to couriers. The significance of this trend is increasing OPSEC measures (of threat actors) and a visible shift from traditional communication channels and apps to proprietary (developed by other actors operating in the Dark Web). These mobile apps are actively used by criminals to facilitate purchases, transactions, logistics, and to chat with their customers. Such interactions could be to discuss physical drop off points with specific instructions for example: The physical drop location with GPS coordinates, if buried then how deep it’s been buried at a specific GPS location, a photo of the location to help the buyers pinpoint the exact spot may also be included.

As the illicit trade of drugs continues to flourish in the dark web, it has become very clear illegal narcotics are not the only substances booming in Q1 of 2023. Resecurity noticed a sharp increase in demand for prescription pharmaceuticals. Such pharmaceuticals include Adderall, Atomoxetine, Mersyndol Forte Codeine, Morphine Zomorph Ethypharm, Oxycontin, and many others that are readily available on DNMs. Aside from prescription pharmaceuticals used to treat conditions such as extreme pain, anxiety, ADHD, Insomnia and many other ailments, male performance drugs such as Viagra, Cialis, and Kamagra Oral Jelly are also seeing a spike in popularity.

With counterfeit prescription Pharmaceuticals flooding the dark web, damage to both people and the legitimate pharmaceutical companies is becoming ever clearer.

Counterfeit prescription drugs can be difficult to spot, as they are often made to look like the real thing. They may have fake labels, packaging, and even holograms, making them indistinguishable from legitimate medications. In some cases, the drugs may contain only a small amount of the active ingredient, or none at all, meaning they are ineffective at best and potentially dangerous at worst. The consequences of taking counterfeit prescription drugs can be serious and even life-threatening. These drugs may contain toxic or unregulated ingredients that can cause serious side effects, including organ damage, heart attack, stroke, and even death. In addition, taking these drugs may delay or prevent proper treatment for the underlying medical condition, leading to further complications.

The best way to protect yourself from counterfeit prescription drugs is to only buy medications from reputable sources. This includes licensed pharmacies, either in person or online, that require a prescription from a licensed healthcare provider. It is also important to be aware of any red flags that may indicate a fake or unlicensed pharmacy, such as offers of prescription drugs without a prescription, extremely low prices, or unprofessional websites. Counterfeit prescription drugs sold on the dark web pose a serious threat to public health. These drugs may be ineffective or contain harmful ingredients and can have potentially deadly consequences for those who take them. To protect yourself and your loved ones, it is important to only buy medications from reputable sources and be aware of any red flags that may indicate a fake or unlicensed pharmaceuticals.

Resecurity forecasts an active growth curve in the Dark Web ecosystem centered around illegal drugs and counterfeit pharmaceuticals in light of  post-pandemics and complicated geopolitical agendas preventing law enforcement from operative cooperation. Resecurity provides specialized intelligence products for law enforcement which help track underground activity, and highlights the need to build advanced tactics towards threats originating from the Dark Web. 

The complete report is available on the REsecurity website.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Drug Trafficking)

[adrotate banner=”5″]

[adrotate banner=”13″]