JAKARTA - Kaspersky's latest research reveals that cybercriminals who are active on the darknet are also paying attention to their own cybersecurity, and don't want to be victims of their fellow colleagues.

In the 2020-2022 period, Kaspersky discovered many cybercriminals on the darknet who mentioned the Escrow service, a third-party intermediary involved in the agreement to control the fulfillment of the agreement and reduce the risk of fraud.

When closing any transactions, such as buying databases, accounts, initial company access, and so on, they use Escrow's agent intermediary services, either in the form of humans or an automated system, which is developed to accelerate and simplify relatively typical deals.

Escrow agents usually partner with cybercriminals who want to sell or buy data, services, and generate three to 15 percent of transactions. However, the deal could still fail for various reasons, including the scams committed by Escrow itself.

Cybercriminal activities on the darknet are rampant, and various illegal transactions often occur. Escrow services appear simultaneously, but fraud activities related to them also often occur, thus disrupting the ecosystem on the darknet," said Chris Connell, Managing Director of Kaspersky for Asia Pacific in a statement received in Jakarta.

Furthermore, Chris revealed that it was also the problem that made cybercriminals who were the culprits of cybersecurity problems finally worry about their own security problems.

The Kaspersky Digital Footprint Intelligence team monitors darknets to help companies track internal discussions of cybercriminals and other types of activities to prevent incidents and mitigate the risk of data leakage.

Kaspersky experts found that the number of messages that mention the use of Escrow agents (or other terms such as guarantor, or intermediary) amounted to more than one million from January 2020 to December 2022.

The number of messages that mention the Escrow service surged in the second half of 2021, and coincided with the dynamics of cybercrime activity on shadow Telegram channels in general. More and more members of the darknet community transitioned there because of the compromise of several popular dark web forums in early 2021," said Vera Kholoppova, Security Services Analyst at Kaspersky.

In most of 2022, Kaspersky saw a decline in activity on darknet resources in general. However, by the end of 2022, Escrow-related activities were increasing again.

Despite the communication pattern between cybercriminals in forums and "dark web assets", no Escrow service is immune to cheating. Thus, both sellers and buyers, as well as Escrow agents, can violate the arrangement of the deal, especially when it comes to a large number.


The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)