Digital Shadows released research on the most popular items for sale on the dark web this holiday season – this one is shaping up to be different than any before with many consumers turning to online shopping instead of brick and mortar.

Many shoppers forwent Black Friday sales in favor of Cyber Monday – chasing deals while avoiding the crowds. For cybercriminals, it’s been no different, and from stolen account credentials to drugs, malicious actors are enjoying fire-sales on almost everything one could desire in their toolkit. These include:

  • Compromised account credentials for services like Hulu, Netflix, and Disney+, plus corporate and government databases and exploits to vulnerabilities. Researchers also found multiple account accesses advertised across carding sites and forums, including Club2Card, XSS and Raidforums, all for discounted prices.
  • Illicit drugs: Many vendors across cybercriminal marketplaces (such as Dread) are offering discounts on ampheamines, cannabis, Xanax, and Adderall. 
  • Hacking tools services, and resources, including DDoS services and HTTPS/SOCKS proxies as well as discount offers for Linken Sphere browser and KleenScan: Many cybercriminal operations, says Digital Shadows, rely on proxies to maintain anonymity or improve the likelihood of accessing an account, which result in long-lasting potential and offer cybercriminals more tools in their arsenal. 
  • Subscription services for databases, checkers, mailers, exploits, combolists, and automated payload injections

Many of these items can be leveraged to conduct financial cybercrime, extortion, or other technology-based skullduggery-for-profit. The risks are higher than ever as many have turned to online shopping, allowing cybercriminals to have a broader attack surface to commit fraud and other malicious acts. Digital Shadows is recommending users to be mindful of where online shopping is conducted, to not always trust the padlock, and to avoid buying counterfeit goods. 

For the full blog, please visit