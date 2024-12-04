When looking at the year-over-year decrease in cloud access credential value, there are a number of possible contributors driving this shift. To help shed some light on this topic, Colin Connor, a member of IBM’s X-Force team, was asked to comment on the shifting dark web market dynamics.

Adding some perspective and helping to establish an important distinction between “cloud credentials” and “cloud access,” Connor clarifies that these stolen credentials are “low-hanging fruit for cyber criminals… credentials are stolen from stored credentials in an infected system through information stealers, and nothing has been validated yet. Basically, somebody has gone to all the trash bins in the neighborhood, grabbed all the letters that are in the trash bins and then said, okay, here’s house A, B, C, etc., and the information found there is for sale.”

Another thing to consider is that while lower-quality credentials are more openly available on dark web markets, not all cyber criminals use the same methods to fund their enterprises. “One potential reason behind the decrease in average price points is that the higher value credentials are being sold by criminals outside of the dark web markets as corporate access or as data leaks,” states Connor, again impacting general statistics.