July 15, 2016
America operates on a capitalistic system and free market. Within these systems there is a golden rule: if someone is willing to buy, there is someone willing to sell. This applies to all manner of products from food to electronics. Our entire economy, and by extension, our society is built on this relationship. The tricky part is that it also applies to illegal activities and goods. If someone is willing to pay money for it, that hole in the market is going to be filled by an opportunistic merchant.
It seems like we hear about data breaches every day. Banks, websites, gaming networks, and more are hacked and thousands of user profiles are stolen. What happens to those accounts? Does that same hacker then manually steal the credit card information of each account for their own gain? Perhaps, but the same dynamic mentioned above applies here. If there is
someone willing to buy, there is someone willing to sell.
Peace_of_Mind and the For-Profit Hacking Industry on the DarkNet
If you ever attend any data security conferences and seminars, you are bound to hear the phrase, “hacking is an industry.” That concept is exemplified perfectly by the professional hacker, Peace_of_Mind, otherwise known as “Peace.”
Peace owns a webstore on the DarkNet, an anonymous hidden network that requires special software to access. It operates just like any other ecommerce store you expect to find on Amazon or Etsy. There are even user reviews giving positive feedback. The difference is that Peace sells the user accounts of real people on popular social media sites.
According to Peace’s interview on wired.com, he or she has an inventory of…
- 360 million Myspace accounts
- 68 million Tumblr accounts
- 71 million Twitter accounts
All of these accounts, passwords, and user information are ready for sale at a modest price.
Consequences of the Data Breaches: Password Overlap
It may seem like someone gaining access to your social media account wouldn’t have serious consequences. It definitely does.
We are (understandably) lazy with our passwords. With dozens of accounts for dozens of services, applications, websites, and banks, it is unwieldy to devise a different password for each and keep them all straight. Most people use the same password or one with a slight variation for all of our accounts, including social media. If someone with a mind to steal your identity purchases a Twitter account, they could have also purchased the password to your Netflix, Amazon, or Chase banking applications as well. From there, they can take anything they want.
Origin of the Accounts and Revenue
Two questions remain. Where did these accounts come from and how much money is Peace actually making from this endeavor?
- Origin: Peace claims that some of these accounts were stolen by him/her personally, while others were acquired by another person. Peace was a member of a hacking “team” that breached these social media channels. Some of these breaches and accounts go back as early as 2012.
- Revenue: In as little as a month’s time, Peace has reported to have made upwards of $25,000. That may not seem like much for the risk s/he is taking, but Peace is confident that authorities have no chance of catching him/her.
Read the Full Interview on Wired.com
Wired managed to contact Peace through the messaging system on the DarkNet ecommerce platform TheRealDeal. The Wired contributor conducted a brief, but telling, interview with the hacker. It is extremely interesting to read Peace’s statements. Peace is arrogant, confident, and clearly sure that s/he is protected from the multiple investigations involving their activities.
Like what you read?
About Mindsight
Mindsight, a Chicago IT services provider, is an extension of your team. Our culture is built on transparency and trust, and our team is made up of extraordinary people – the kinds of people you would hire. We have one of the largest expert-level engineering teams delivering the full spectrum of IT services and solutions, from cloud to infrastructure, collaboration to contact center. Our highly-certified engineers and process-oriented excellence have certainly been key to our success. But what really sets us apart is our straightforward and honest approach to every conversation, whether it is for an emerging business or global enterprise. Our customers rely on our thought leadership, responsiveness, and dedication to solving their toughest technology challenges.