Misha Glenny's Dark Market: Skimmers, New Identities and Stolen Credit Cards all Inside the Hacker's Bazaar

Aaron Broverman

Filed under: Credit Cards, Fraud, Identity Theft, Technology, Book Reviews

At some point, we all know the traditional tips for protecting our bank accounts from cyberthieves: never respond to an e-mail claiming to be your bank or credit card company requesting your full name, account number and account password -- this is a phishing scam. Always cover the PIN pad on a point-of-sale [POS] terminal, in case a hacker has installed a skimmer and a pin-hole camera over the original POS terminal to read the magnetic strip on your credit or debit card and record your PIN number.

What we never know however, is who these hackers are. Well, wonder no more. Misha Glenny, author of 2009's immensely popular McMafia: A Journey Through the Global Criminal Underworld, has lifted the veil on the seedy side of cyberspace. He interviews the cyber criminals who rip you off and the cops who are trying to catch them, with a cinematic specificity that makes the reader feel like they're following their every move and is inside their heads.

Like this article? Don't miss another one. Follow us on Twitter and Facebook.We usually only see cybercrime from the victim's perspective, but in Glenny's newest book, Dark Market: Cyberthieves, Cybercops and You, he takes us through three areas of the hacker underground (cyber crime, cyber industrial espionage and cyberwarfare) by tracing the rise and fall of one of the largest online bazaars for cyber criminals ever to hit the web.

Related Links:

Dark Market was an underground Internet forum vetted by its hacker membership against infiltration by law enforcement where members sold skimmers, stolen credit cards, PIN numbers, forged passports, fake IDs, online banking passwords and account numbers, either in bulk or individually. They also advertised their services to hack into corporate systems, unleash denial-of-service attacks, program viruses and set up phishing operations, among other nefarious services. Like a criminal Craigslist, Dark Market also featured want ads for disgruntled bank employees, gas station attendants or credit card customers seeking revenge and looking to get even. After all, stealing is so much easier with someone on the inside.

Glenny expertly jumps from hacker to hacker and from cop to criminal in a way that gives you a snap shot of each, but never disturbs the flow of the story. There are no jump cuts. You'll start a chapter reading about a criminal investigation in Turkey and end it inside the mind of a hacker in a London coffee shop and, thanks to the webs Glenny weaves, you'll believe it was only natural you ended up where you did.

Those who read and enjoyed Glenny's first book, which argued that the global expansion of the black market emanated from the newly independent countries that formed out of the dissolution of the Soviet Union in the early '90s, will appreciate that Dark Market's predecessor Carder Planet originated in Odessa, Ukraine, so not only is Eastern Europe a hub for traditional crime, but cyber crime as well.

But beyond the establishment of these nefarious online forums and insight into the process of taking your money from a hacker's perspective, what you really come to realize through Glenny's research is the whys behind doing what they do and that, though organized and technologically superior to the rest of us, many of these people are just as petulant, needy and over-dramatic as any niche internet subculture that has nothing to do with crime.

In many ways, these are still adolescents and the board often descended into soap opera -- with members perpetually suspicious of their friends, partners and business associates thanks to the slightest comment or circumstantial evidence. This rivalry and internal bickering assures that when the actual invade, everyone is too busy keeping the flame war going to notice the real impostor.

See, when former white hat hacker turned black hat criminal Max Vision aka Max Butler shares legitimate evidence that a Dark Market administrator is a cop, no one on Dark Market believes him because he's the creator of Dark Market's arch nemesis Carder's Market and has spent months trying to obliterate their site, so his can be top dog. Had the two sites worked together and pooled their resources, they may have been very close to squashing the police investigation that lead to the demise of both forums. This is just one example of how rivalry got in the way.

The cops aren't any better. The rivalry between the FBI and Secret Service prevented both agencies from sharing information with each other and the international law enforcement allies of the opposing organization, making the investigation slower than it may have been otherwise. Glenny also shows sympathy for the plight of the hackers themselves, pointing out that for many, their motivation didn't begin as stealing, but to simply prove their technological superiority by breaking into systems. Glenny reveals that corporations and police often create the cyber criminals they are trying to stop.

Max Vision was once a computer security consultant who hacked into systems in order to fix security holes and then inform the public about the breaches before the software companies knew about them. He was also an informant for the FBI, helping catch hackers working in the name of evil. However, when he tried to fix a security hole on the U.S. Defense Department server he forgot to close a tiny hole, which lead the FBI to accuse him of leaving a back-door on their server that only he could get into, sending him to jail and ruining his life.

Upon release Vision felt betrayed by handlers he had helped for so long, especially when he thought he put himself at extreme risk to do what he thought he was his duty as an American citizen. It was an honest mistake, but they labeled him a criminal. He decided to get even and created Carder's Market. Dark Market was created in a similar fashion, after founder Renukanth Subramaniam had his wallet stolen and lost thousands of dollars in American Express traveller's cheques. He provided the evidence to get them back, but American Express reneged on that guarantee and trapped him in a corporate bureaucracy we're all familiar with. Even governments and corporations use a hacker's skills to gain intelligence against rival countries or companies, so how can they turn around and treat them like criminals, when they endorse criminal behavior under certain circumstances?

Glenny puts this duplicitous nature of cyber crime in sharp relief, outlining the many shades of grey when it comes to what is legal and illegal in cyberspace. The book itself is very cloak and dagger and reads like the best spy thrillers. Most true crime novels focus on a single case, but Glenny is an expert at assessing the trends in crime and revealing how they impact all of us.While his previous work often slipped into sounding slow and academic, like a college textbook, this one grabs a hold of you from moment one and never let's you go until the last page. I promise that all the things you think you know about cybercrime will be forever changed by Dark Market.

Like this article? Don't miss another one. Follow us on Twitter and Facebook.