The University of Southampton
University of Southampton Institutional Repository

Deviating from the cybercriminal script: exploring tools of anonymity (mis)used by carders on cryptomarkets

Deviating from the cybercriminal script: exploring tools of anonymity (mis)used by carders on cryptomarkets
Deviating from the cybercriminal script: exploring tools of anonymity (mis)used by carders on cryptomarkets
This work presents an overview of some of the tools that cybercriminals employ to trade securely. It will look at the weaknesses of these tools and how the behavior of cybercriminals will sometimes lead them to use tools in a nonoptimal manner, creating opportunities for law enforcement to identify and apprehend them. The criminal domain this article focuses on is carding, the online trade in stolen payment card details and the consequent criminal misuse of such data. However, these findings could be applied more broadly, as many of the analyzed tools are used across (cyber) criminal domains. This article is a continuation of earlier work, in which a crime script analysis of 25 carding tutorials presented the tools that cybercriminals use to cash-out stolen payment card details while remaining anonymous. We use these tutorials and an analysis of the literature to identify how they can be used incorrectly and create a typology of potential behavioral and technological pitfalls in these tools. Finally, we conclude that finding pitfalls in the usage of tools by cybercriminals has the potential to increase the efficiency of disruption, interception, and prevention approaches. However, in future work, interviews with law enforcement experts and convicted cybercriminals or still active users should be used to analyze the operational security of cybercriminals in more depth.
Cybercrime, Carding, Cryptomarkets, Anonymity, TOR, cryptocurrency, security behaviour, Decision-making
1552-3381
1244-1266
Van Hardeveld, Gert, Jan
e501b3a6-4385-43ad-8ccc-7aa16ec01b3b
Webber, Craig
35851bbe-83e6-4c9b-9dd2-cdf1f60c245d
O'Hara, Kieron
0a64a4b1-efb5-45d1-a4c2-77783f18f0c4
Van Hardeveld, Gert, Jan
e501b3a6-4385-43ad-8ccc-7aa16ec01b3b
Webber, Craig
35851bbe-83e6-4c9b-9dd2-cdf1f60c245d
O'Hara, Kieron
0a64a4b1-efb5-45d1-a4c2-77783f18f0c4

Van Hardeveld, Gert, Jan, Webber, Craig and O'Hara, Kieron (2017) Deviating from the cybercriminal script: exploring tools of anonymity (mis)used by carders on cryptomarkets. American Behavioral Scientist, 61 (11), 1244-1266. (doi:10.1177/0002764217734271).

Record type: Article

Abstract

This work presents an overview of some of the tools that cybercriminals employ to trade securely. It will look at the weaknesses of these tools and how the behavior of cybercriminals will sometimes lead them to use tools in a nonoptimal manner, creating opportunities for law enforcement to identify and apprehend them. The criminal domain this article focuses on is carding, the online trade in stolen payment card details and the consequent criminal misuse of such data. However, these findings could be applied more broadly, as many of the analyzed tools are used across (cyber) criminal domains. This article is a continuation of earlier work, in which a crime script analysis of 25 carding tutorials presented the tools that cybercriminals use to cash-out stolen payment card details while remaining anonymous. We use these tutorials and an analysis of the literature to identify how they can be used incorrectly and create a typology of potential behavioral and technological pitfalls in these tools. Finally, we conclude that finding pitfalls in the usage of tools by cybercriminals has the potential to increase the efficiency of disruption, interception, and prevention approaches. However, in future work, interviews with law enforcement experts and convicted cybercriminals or still active users should be used to analyze the operational security of cybercriminals in more depth.

Text
Final_Paper_After_Acceptance - Accepted Manuscript
Download (327kB)

More information

Accepted/In Press date: 2 August 2017
e-pub ahead of print date: 9 October 2017
Published date: October 2017
Keywords: Cybercrime, Carding, Cryptomarkets, Anonymity, TOR, cryptocurrency, security behaviour, Decision-making

Identifiers

Local EPrints ID: 413441
URI: https://eprints.soton.ac.uk/id/eprint/413441
ISSN: 1552-3381
PURE UUID: 6698ad8d-95db-4d60-82a5-9c427e8ff26d
ORCID for Gert, Jan Van Hardeveld: ORCID iD orcid.org/0000-0001-8847-4662
ORCID for Kieron O'Hara: ORCID iD orcid.org/0000-0002-9051-4456

Catalogue record

Date deposited: 24 Aug 2017 16:30
Last modified: 08 Oct 2019 00:49

Export record

Altmetrics

Contributors

Author: Gert, Jan Van Hardeveld ORCID iD
Author: Craig Webber
Author: Kieron O'Hara ORCID iD

University divisions

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of https://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×