A new dark web marketplace called STYX launched earlier this year and appears to be on its way to becoming a thriving hub for buying and selling illegal services or stolen data.
Among the services provided are money laundering, identity theft, distributed denial-of-service (DDoS), bypassing two-factor authentication (2FA), fake or stolen IDs and other personal data, renting malware, using cash-out services, email and telephone flooding, identity lookup, and much more.
The marketplace opened its doors officially on January 19 and it uses a built-in escrow system to broker transactions between buyers and sellers.
However analysts at threat intelligence company Resecurity noticed mentions of STYX on the dark web since early 2022, when the founders were still building the escrow module.
STYX supports payments with multiple cryptocurrencies and features a special section reserved for trusted sellers that lists vetted vendors, likely in an attempt to increase trust in the platform.
To showcase the purchasing process the market points to Telegram channels where bots interact with buyers and provide samples of the products sold. Below are samples from one seller that offers fake IDs, who created documents in in the name of U.S. President Joe Biden and former professional footballer David Beckham.
Researchers at Resecurity have compiled a report presenting some notable cases they discovered while exploring STYX, aiming to highlight the risks that arise from the operation of these illicit platforms and uncover the actual dimension of cybercrime.
All things financial fraud
Resecurity navigated all sections of STYX and found that it offers the following:
- Tools to bypass anti-fraud filters such as fingerprint emulators and spoofers.
- Stolen credit card and PII (personally identifiable information) data for sale.
- “Checking” (lookup) services that extract information about individuals or organizations.
- Fake ID or “drawing services that offer forged documents for over 65 countries.
- Telephone, SMS, and email flooding services ranging from $4 to $150 per day.
- Money laundering services for BEC (business email compromise) scammers and other fraudsters.
- Manuals and tutorials on hacking and cybercrime operations.
The money laundering section is one of the most significant in STYX, as “cleaning” the the stolen funds is a crucial part of the cybercriminal activity.
Resecurity highlighted some vendors that offer money laundering services through STYX, like “Verta,” who requests a minimum of $15,000 for individuals and $75,000 for businesses and keeps 50% of the laundered amount.
Other providers of money laundering services have different fees, as seen in the screenshot below.