Data from 155 dark web forums from January 2020 to June 2022 has shown that threat actors consistently organized to conduct malicious campaigns, buy and sell code, and share job ads.
The findings from security experts at Kaspersky also suggest the most significant number of ads was posted in March 2020, possibly in connection with the outbreak of the COVID-19 pandemic.
“A substantial number of people are willing to engage in illicit or semi-legal activities despite the accompanying risks. In particular, many turn to the shadow market for extra income in a crisis,” reads an advisory published by Kaspersky earlier today.
Regarding job types, 61% of the total was for developers, followed by attack specialists (16%) and designers (10%).
“Developers also topped the list of the best-paid dark web IT jobs,” Kaspersky wrote. “The highest advertised monthly salary figure we saw in an ad for a developer was $20,000.”
As for other salaries, the average levels of pay offered to IT professionals ranged between $1300 and $4000, with the highest median salary of $4000 in ads for reverse engineers.
“Offers like that come from hacker groups, among others,” reads the technical write-up. “Cybercrooks need a staff of professionals with specific skills to penetrate the infrastructure of an organization, steal confidential data, or encrypt the system for subsequent extortion.”
Kaspersky also clarified that while many individuals exploring dark web sites do so to look for a job, expecting easy money and sizable financial gain, this is often not the case.
“Salaries offered on the dark web are seldom significantly higher than those you can earn legally [...]. Nevertheless, unhappy with their pay, a substantial percentage of employees in the legitimate economy quit their jobs to find similar employment on the dark web market.”
The Kaspersky advisory concludes by warning individuals about the risks of being prosecuted, put on trial and incarcerated for unlawful activities deriving from engaging with such threat actors.
“The risks of cooperating with hacker groups are especially high, as deanonymization of their members is a priority for cybercrime investigation teams. The group may be exposed sooner or later, and its members face jail time.”
The report comes days after Cybersixgill revealed a 91% year-on-year increase in deep and dark web ads and sellers promoting counterfeit currency.