STYX Dark Web Marketplace: A New Hub for Financial Fraud, Money Laundering and Identity Theft

STYX Dark Web Marketplace: A New Hub for Financial Fraud, Money Laundering and Identity Theft
STYX Image Resecurity

 Resecurity, a threat intelligence company, has discovered a new dark web marketplace called STYX that specializes in offering illicit services and stolen data. STYX, which officially launched on January 19, 2023, appears to be on its way to becoming a thriving hub for buying and selling illegal services.

The marketplace provides a variety of services that include money laundering, identity theft, distributed denial-of-service (DDoS), bypassing two-factor authentication (2FA), fake or stolen IDs and other personal data, renting malware, using cash-out services, email and telephone flooding, identity lookup, and much more. STYX uses a built-in escrow system to broker transactions between buyers and sellers.

Money laundering vendors, image Resecurity
Money laundering vendors, image Resecurity

STYX supports payments with multiple cryptocurrencies and features a special section reserved for trusted sellers that lists vetted vendors, likely in an attempt to increase trust in the platform. The marketplace points to Telegram channels where bots interact with buyers and provide samples of the products sold to showcase the purchasing process. For example, one seller offers fake IDs, creating documents in the name of U.S. President Joe Biden and former professional footballer David Beckham.

Resecurity researchers have compiled a report presenting some notable cases they discovered while exploring STYX. The report aims to highlight the risks that arise from the operation of these illicit platforms and uncover the actual dimension of cybercrime.

All things financial fraud: Resecurity navigated all sections of STYX and found that it offers the following: tools to bypass anti-fraud filters such as fingerprint emulators and spoofers, stolen credit card and PII (personally identifiable information) data for sale, "checking" (lookup) services that extract information about individuals or organizations, fake ID or "drawing" services that offer forged documents for over 65 countries, telephone, SMS, and email flooding services ranging from $4 to $150 per day, money laundering services for BEC (business email compromise) scammers and other fraudsters, manuals, and tutorials on hacking and cybercrime operations.

VCC services, image Resecurity
VCC services, image Resecurity

The money laundering section is one of the most significant in STYX, as "cleaning" the stolen funds is a crucial part of the cybercriminal activity. Resecurity highlighted some vendors that offer money laundering services through STYX, like "Verta," who requests a minimum of $15,000 for individuals and $75,000 for businesses and keeps 50% of the laundered amount. Other providers of money laundering services have different fees.

STYX hosts a plethora of cash-out shops that cover the entire world, offering the "clean" funds via Apply Pay, PayPal business accounts with merchant terminals, and various financial institutions in the U.S., U.K., and Canada.

The emergence of STYX as a new platform for financially-motivated cybercriminals shows that the market for illegal services continues to be a lucrative business. Digital banks, online payment platforms, and e-commerce systems need to rise to the challenge and upgrade their KYC checks and fraud protections to undermine the effectiveness of the services sold in these crime spaces. With the Genesis Market disrupted, the void for digital identities needs to be filled, and STYX may see an increased flux of customers looking for compromised accounts and personal information.

0 Comments