Kaspersky Study: Dark Web Ads Offer Jobs, Careers in Cyber Crime
Some dark web job ads included bonuses and commissions for successful projects.
![Dark Web, hacker Dark Web, hacker](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt78202a114771e09b/6524083d8b001027b2b99ada/Dark-Web.jpg?width=700&auto=webp&quality=80&disable=upscale)
Shutterstock
Developers were the most in-demand specialists on the dark web, accounting for 61% of all ads, according to Kaspersky. Within this specialty, web developers, who create various internet products like phishing pages, were most sought after, accounting for 60% of these ads. Malware coders were also highly valued. This job description can include development of Trojans, ransomware, stealers, backdoors, botnets and other types of malware, along with the creation and modification of attack tools.
Attackers, or IT specialists who conduct attacks on networks, web applications and mobile devices, were the second most popular jobs among cybercriminal employers, accounting for 16% of the total ads, Kaspersky said. This job’s closest approximation to a legitimate profession is penetration tester.
Most of the attackers’ jobs on the dark web were associated with actions that would compromise corporate infrastructure. The goals of these actions are ransomware infection, data theft or stealing cash directly from accounts. Some cybercriminal groups hiring attackers were focused on selling access to compromised systems to other cybercriminals, or hacking web and mobile applications.
Designers were the third most in-demand professionals, with 10% of ads. Their goal usually is to make a malicious product, such as a phishing page or letter that would be hard to distinguish from the real thing.
Dark web employers also look for IT administrators, reverse engineers, analysts, testers and other less common IT jobs, various kinds of engineers and architects, support specialists, technical writers, forum moderators, and even executives and project managers.
Kaspersky analyzed IT jobs and selected more than 160 of the ones that explicitly cited a salary, although dark web employers typically state rough salary figures. The median levels of pay offered to IT professionals varied between $1,300 and $4,000 monthly. The highest median salary of $4,000 could be found in ads for reverse engineers.
The highest monthly salary Kaspersky saw in the ads was $20,000 awarded to a developer. The lowest fee offered was just $200. Some dark web job ads included bonuses and commissions for successful projects, such as extorting a ransom from a compromised organization.
There are risks if the potential employee accepts all the responsibility of working for the dark web, said Kaspersky’s Polina Bochkareva. Those include unpaid labor, involvement in fraudulent schemes, deanonymization, trials and imprisonment.
“Otherwise, IT professionals are enticed by easy money [and] lack of common requirements (a higher education degree, military service record, etc.), and see employment for the dark web as a good way of freelance and remote working,” she said.
Quite often there are ads similar to the vacancies from legitimate recruiting sites, Bochkareva said.
“For example, the requirements are often described quite professionally as in the regular labor market,” she said. “Moreover, cyber crime and hacker groups offer such terms as remote work, prospects of promotion incentive plans, paid time off, paid sick leaves and even a friendly team.”
Criminals rarely delete posts due to hiring the right candidates.
The Kaspersky study provides the most recent postings from cybercriminal groups, Bochkareva said. It doesn’t track whether job ads are increasing.
“The statistics of this may be due to the fact that the complexity of cyberattacks is growing,” she said. “For example, an increased demand for developers could be explained by a need to create and configure new, more complex tools.”
The Kaspersky study provides the most recent postings from cybercriminal groups, Bochkareva said. It doesn’t track whether job ads are increasing.
“The statistics of this may be due to the fact that the complexity of cyberattacks is growing,” she said. “For example, an increased demand for developers could be explained by a need to create and configure new, more complex tools.”
For developers, designers, testers and others displaced by cybersecurity layoffs, there’s always work in cyber crime, according to a new Kaspersky study.
The Kaspersky study examines the dark web job market. Kaspersky analyzed 200,000 employment ads about long-term or full-time jobs from 2020 through June of 2022.
To be clear, Kaspersky isn’t recommending these ads to jobseekers. It tracked this data to keep tabs on the bad guys.
Job requirements included creating malware and phishing pages, compromising corporate infrastructure, hacking web and mobile applications, and other responsibilities. The median levels of pay offered to IT professionals varied between $1,300 and $4,000 per month.
Some 41% of ads were posted in 2020, with activity peaking in March. That’s possibly because of a pandemic-related income drop experienced by parts of the population.
Polina Bochkareva is a security services analyst at Kaspersky.
“IT headhunting is one of the numerous topics which is constantly discussed on the dark net,” she said. “Nowadays, tracking cybercriminals’ interests and continuous analysis of their activities is vital for companies that want to proactively respond to cyberattacks and keep their information security at the highest level. The more you know about your adversary, the better prepared you are.”
Scroll through our slideshow above for more from the Kaspersky dark web job market study.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author(s)
You May Also Like