Darknet Market Price Index: 2020 Report

Our latest analysis of the dark web trade in hacked accounts how the value of online log-ins for brands such as Peloton, Instacart, and Amazon increased in value as people spent the majority of their time at home.
Darknet Market Price Index 2020 Report header illustration of a man sat at a laptop
Simon Migliano

UPDATED 1 Sep 2021 to reformat for improved user experience.

  • 2020 boom brands: Over 50% of accounts in Index were not being traded on darknet markets last year. Instacart ($22), Peloton ($18), Postmates ($15) and Amazon ($14.50) hacked credentials currently have some of the highest price tags.
  • Health & wellness: Daily Yoga ($9.50), Ten Percent Happier ($8.50), Aaptiv ($8.50) and Headspace ($7) accounts are more valuable than those of many streaming services and online stores
  • Streaming: Hacked Netflix accounts ($6) have dropped over 40% in value since last year. While Disney+ ($7) and Hulu ($5.50) logins sell for similar amounts, Amazon Prime Video ($13.50) credentials are worth double that.
  • Personal finance: Cash App ($47) and Venmo ($14) accounts are selling for more than PayPal ($11)

How Social Shifts Impacted Dark Web Prices

This August 2020 update to the Price Index reveals the landscape of the dark web market trade in hacked accounts has significantly transformed once again since we last published the Index a year ago.

See all our dark web price data for online account log-ins from 2018 onward

The two main drivers of these changes are:

  1. The darknet markets bouncing back after major busts in 2019
  2. Major shifts in consumer behavior due to more time spent at home

The emergence of new markets and vendors[1] has prompted a correction to prices that spiked due to successive closures of major markets by law enforcement.[2]

Social restrictions have led to changes in habits and this has been reflected in the types of accounts being hacked and the prices they are able to command.

With the illicit trade in stolen data very much in flux, this edition of the Dark Web Market Price Index focuses its analysis on the brands made popular these social shifts. We also map out the broader landscape as it stands mid-way through 2020.

We continue to periodically carry out this research to help make the public aware of the true value of their personal data in the hope that they will improve their day-to-day information security.

EXPERT ADVICE: Use a VPN (Virtual Private Network) service to help prevent fraudsters from stealing your identity. If you don’t know which service is best for you, read our unbiased, expert VPN reviews.

2020 Boom Brands

The following table presents highlights from the Darknet Markets Price Index relating to hacked accounts for services that have enjoyed a surge in popularity since the start of 2020.

Where available we show the average USD price for the same item in the most recent Index, published in Feb 2019, and calculate the percentage difference.

Just as people stuck at home around the world have increasingly turned to a range of different online services in order to try to maintain a degree of normality in their lives, so too has the nature changed of what’s being traded on the darknet markets.

What really stands out when looking at the 25 services above — which we have highlighted based on their soaring popularity — is that 19 of them weren’t being sold on the darknet markets last year.

Looking over our findings as a whole, well over half of the entries in the Index are for services that weren’t available for sale last year, which underscores just how profound the recent changes have been.

Hacked log-ins for health and wellness accounts like Peloton ($22), Daily Yoga ($9.50) and Ten Percent Happier ($8.50) are commanding premium prices, well above those of dark web market mainstays like Netflix or even Apple (both $6), as scammers eye up the potential of stealing the identities of their more well-heeled user bases.

It’s notable that hacked log-ins for Amazon Prime Video ($13.50) are worth almost double to scammers than those of hugely popular services like Disney+ ($7) as it’s often part of the broader Amazon Prime account package with all the lucrative opportunities for fraud that come with it.

Stolen credentials for food delivery apps has been another major growth area due to lockdown with Instacart ($22), Postmates ($15) and Drizly ($13.50) all changing hands for sums well above the average for accounts outside of personal finance items.

Interestingly, even hacked accounts for ostensibly niche services such as online learning platform MasterClass ($6) are popping up for sale, as their memberships grow thanks to new users looking to alleviate the tedium.

Darknet Market Price Index 2020

Stolen ID, personal data and hacked accounts for sale

Darknet Price Analysis

This section analyzes current dark web prices for hacked accounts and examines why the credentials for individual brands command their price tag. Our analysis is organized by category.

Find out more about how different types of hacked credentials can be used for fraud in the common scams section of our Dark Web Prices research hub.

Personal Finance

Stolen credit and debit card data, along with bank and online payment account details, remain the most popular items for sale on the dark web markets. The lure of high account balances to cash out and access to new lines of credit understandably allows these items to always command the highest prices.

The vast majority of debit card details are now part of expensive bundles, unlike in previous years, ratcheting up the average price ($1,307).

At the very highest end of the pricing spectrum, hacked debit card data for high-balance accounts bundled with SIM cards and cryptocurrency accounts change hands for up to $4,600 compared to just $17 for standard debit card details.

The value of hacked PayPal accounts ($11) continues to drop due to the scarcity of high balances compared to previous years amid the overall glut in listings for this venerable brand.

Instead, hacked account details for newer instant cash transfer services such as Cash App ($47) and to a lesser extent, Venmo ($14) have become more appealing as they become increasingly popular with small businesses and consumers.

Regardless of the individual service, hacked web wallets remain a mainstay of the dark web markets as they are central to so many scams.

Communication

Hacked Verizon accounts ($102.50) are almost ten times more expensive than last year as they are currently being bundled with associated personal data, such as Social Security Number (SSN), Zip Code, and date of birth, and therefore tailor made for identity theft and account takeovers.

In previous years, Skype accounts ($7) were worth little more than a dollar. However, with the newfound reliance around the world on video calls, Skype log-ins are suddenly much more appealing to cybercriminals.

The longstanding scam where phishing links are sent via hacked Skype accounts to the account holder’s entire contact list, has more potential to be lucrative given the increased use of the platform currently.

Shopping

Online shopping activity soared in 2020, with two-and-a-half times more orders than before.[3]

This increased activity is a boon to would-be fraudsters, with consumers more likely to create accounts with individual retailers and store payment details for more frequent orders. With more overall activity, fraudulent orders are less easy to spot, especially if account holders are less experienced online shoppers.

Online retail accounts are currently selling for between $4 and $15, with the most expensive being Wowcher ($15), eBay and Amazon (both $14.50).

The 53% drop in price of hacked Amazon accounts compared to last year may well be due to Amazon tightening its controls following the discovery of a massive fraud last year. Despite this, Amazon accounts remain valuable to would-be fraudsters due to the high likelihood of stored payment details and sheer scope for scams.

Note the average price for Amazon accounts in general is slightly higher than for Amazon Prime Video ($13), as a number of cheaper listings for the streaming-only version of the service (ie lacking the full Prime membership benefits) brought down its average.

Travel

The collapse of the international travel industry for much of 2020 may have temporarily killed off the trade in hacked airline accounts, however the rise in staycations in its place meant that compromised Airbnb ($13.50) accounts have actually increased in value to scammers.

Health & Wellness

Unable to visit gyms, fitness fanatics around the world have increasingly turned to a range of apps and services to maintain their physical and mental health.[4]

High-end subscriptions, such as increasingly popular Peloton[5] ($18) that also requires a $2,000 exercise bike, mark out the owner as a potentially lucrative target for fraud and are priced accordingly on the dark web markets.

Wellness apps like Headspace ($7) are proving popular with scammers, partly because they are “fresh blood” but also due to the demographic of their users, who have the disposable income to pay for such services even during these economically uncertain times, making them appealing targets for identity theft.

Food

Food delivery is another category of stolen log-ins now commanding higher prices on the dark web as usage of these services soared in 2020.[6]

Instacart ($22) accounts are the most expensive, which could be due to shoppers being more likely to store payment details for convenience’ sake when they are making multiple orders per week, as well as the range of stores from which it delivers.

Services like Drizly ($13.50) give scammers free alcohol as well as users’ personal data.

Social Media

Despite a major breach earlier this year,[7] the price of hacked individual Facebook accounts is relatively stable at $8 on the dark web marketplaces.

Entertainment

Hacked streaming and gaming accounts continue to proliferate on the dark web with prices correcting to around the $7 mark after the temporary squeeze on supply forced up prices last year. Amazon Prime Video is worth around double that at $13.50 as it’s often part of the broader Amazon Prime shopping account.

Interesting outliers in the category include the subscription-based content platform OnlyFans ($16), most known for people charging their followers a monthly fee for adult content. It’s been flooded with new content creators hoping to make a living due to the increases in unemployment in 2020.[8]

Email

Hacked email accounts tend to be sold either in massive dumps from large scale data breaches or as individual verified emails. As with previous editions of the Price Index, we disregarded dumps as unit prices work out at tiny fractions of a cent each while the accounts constituting these dumps are not guaranteed to be accessible or even valid.

Verified emails on the other hand trade for anything up to ten dollars each. Gmail ($6) in particular can be used in dot account scams[9] or as part of more complex fraud and identity theft, thanks to the use of email as security for so many third-party accounts.

We are also seeing student emails ($6) specifically due to the authority of the “.edu” address.

Security

Subscription-based security software that we found is typically for personal use rather than for further fraud. Hackers use stolen VPN accounts that can’t be tracked back to them to disguise their IP addresses whilst they are carrying out illegal activities.

Hacked anti-virus software appeals to cheapskates who don’t want to pay for their own license and those who want to avoid signing up with their own details.

Education

Online learning and self-improvement platforms have enjoyed a surge in popularity in 2020 as people look for new ways to relieve the tedium.

At one end of the spectrum is MasterClass ($6), whose glossy, star-studded platform and expensive annual subscription has been attracting increasing numbers from a highly appealing demographic for hackers looking for potentially lucrative identity theft.

At the other is the more prosaic Udemy ($3), whose technical courses cost as little as $10 and thus attract a more diverse user base.

Methodology

Our team reviewed all fraud-related listings on four of the largest darknet markets: Empire, Icarus, Versus and White House between July 8 – August 3 2020. Relevant listings were collated and categorized in order to calculate average sale prices. We excluded large-scale ‘dumps’ to maintain the integrity of the data.

Access the Darknet Market Price Index 2020 raw data on this Google Sheet.

Disclaimer

Our report does not suggest in any shape or form that the companies included or referenced have suffered security breaches. Furthermore, we have not purchased any of the credentials being sold on the Dark Web.

The authors of all our investigations abide by the journalists’ code of conduct.

Additional research by Christine O’Donnell

References

[1] https://www.wired.com/story/dark-web-drug-takedowns-deepdotweb-rebound/

[2] https://www.zdnet.com/article/top-dark-web-marketplace-will-shut-down-next-month/

[3] https://www.forbes.com/sites/louiscolumbus/2020/04/28/how-covid-19-is-transforming-e-commerce/#f86dd8e3344f

[4] https://www.washingtonpost.com/health/coronavirus-is-harming-the-mental-health-of-tens-of-millions-of-people-in-us-new-poll-finds/2020/04/02/565e6744-74ee-11ea-85cb-8670579b863d_story.html

[5] https://www.businessinsider.com/peloton-sales-surge-coronavirus-keeps-consumers-working-out-at-home-2020-5?r=US&IR=T

[6] https://www.nytimes.com/interactive/2020/05/13/technology/online-shopping-buying-sales-coronavirus.html

[7] https://www.forbes.com/sites/zakdoffman/2020/04/20/facebook-users-beware-hackers-just-sold-267-million-of-your-profiles-for-540/#508318927c85

[8] https://www.bbc.co.uk/news/business-53338019

[9] https://www.zdnet.com/article/scammer-groups-are-exploiting-gmail-dot-accounts-for-online-fraud/