* [Blog](https://www2.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www2.paloaltonetworks.com/blog/corporate/)
* [Cybersecurity Canon](https://www2.paloaltonetworks.com/blog/category/canon/)
* The Cybersecurity Canon- ...

# The Cybersecurity Canon- DarkMarket: Cyberthieves, Cybercops, and You

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2017%2F12%2Fthe-cybersecurity-canon-darkmarket-cyberthieves-cybercops-and-you%2F)  
[](https://twitter.com/share?text=The+Cybersecurity+Canon-+DarkMarket%3A+Cyberthieves%2C+Cybercops%2C+and+You&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2017%2F12%2Fthe-cybersecurity-canon-darkmarket-cyberthieves-cybercops-and-you%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2017%2F12%2Fthe-cybersecurity-canon-darkmarket-cyberthieves-cybercops-and-you%2F&title=The+Cybersecurity+Canon-+DarkMarket%3A+Cyberthieves%2C+Cybercops%2C+and+You&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/2017/12/the-cybersecurity-canon-darkmarket-cyberthieves-cybercops-and-you/&ts=markdown)  
\[\](mailto:?subject=The Cybersecurity Canon- DarkMarket: Cyberthieves, Cybercops, and You)  
Link copied  
By [Sean Duca](https://www.paloaltonetworks.com/blog/author/sean-duca/?ts=markdown "Posts by Sean Duca")  
Dec 29, 2017  
6 minutes  
[Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown)  
[cybersecurity canon](https://www.paloaltonetworks.com/blog/tag/cybersecurity-canon/?ts=markdown)  
[Cybersecurity Canon Review](https://www.paloaltonetworks.com/blog/tag/cybersecurity-canon-review/?ts=markdown)  
[DarkMarket](https://www.paloaltonetworks.com/blog/tag/darkmarket/?ts=markdown)  
[Misha Glenny](https://www.paloaltonetworks.com/blog/tag/misha-glenny/?ts=markdown)  
[Sean Duca](https://www.paloaltonetworks.com/blog/tag/sean-duca/?ts=markdown)

![cybersecuity-canon-blog-600x260](https://www.paloaltonetworks.com/blog/wp-content/uploads/2017/06/cybersecuity-canon-blog-600x260.png)

*We modeled the* [*Cybersecurity Canon*](https://cybercanon.paloaltonetworks.com/)*after the Baseball or Rock \& Roll Hall-of-Fame, except for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number to be much more than that. Please write a review and nominate your favorite.*

*The Cybersecurity Canon is a real thing for our community. We have designed it so that you can* [*directly participate in the process*](https://cybercanon.paloaltonetworks.com/nominate-a-book/)*. Please do so!*

Executive Summary

It's clear to say that the internet has transformed our lives and continues to do so, from a "nice to have" to a dependency for our digital lives, allowing us to shop online, bank, interact and meet people, as well as share our experiences. But with all of this also comes risk to our personal security. Cybercrime has been part of our lexicon for many years now as we have transformed our lives to be more and more digital. Many traditional organised crime groups have migrated online due, in part, to the anonymity the internet brings. What is evident is that cyber thieves run wild, making it a harder task for law enforcement to chase them.

Misha Glenny's story in *DarkMarket: Cyberthieves, Cybercops, and You* takes you on a journey to meet the world of organised crime on the internet, providing a breakdown of who some of the players are, including the victims, law enforcement and the bad guys; the techniques used, such as spear phishing, carding and hacking; and looks at the rise of the criminal website DarkMarket, its ultimate fall and the replacement sites that appeared to fill the void. Misha does a very good job explaining technical terms in easy-to-understand basic concepts. Whilst the book was written in 2011, it gives you a good insight that is still relevant and shows that some of the core problems still reign true today.

Review

Misha Glenny takes you on a journey from the start which reveals that this is truly a global problem by beginning with Reverend Arun John in England, who receives a call to say that someone has broken into his bank account; followed by Darryl, the IT director at a chemical engineering firm, discovering that one of the engineers has been hoarding huge amounts of credit card numbers and other electronic bank details, by remotely viewing his computer in real time.

The engineer in question was a member of DarkMarket, which at one time was the world's largest online forum and swap shop for cybercriminals. Reinforcing the global phenomena that cybercrime is, Misha goes across the planet, from Sri Lanka to Odessa, from San Francisco to Istanbul, detailing his accounts on DarkMarket, CarderPlanet, Shadowcrew, and CardersMarket\*,\* which were the social hangouts for cybercriminals to provide services, learn new ways to attack would-be victims and share their spoils.

To ensure there was "honesty amongst thieves", the sites offered escrow systems, similar to those offered by sites like eBay, where the administrators acted as a neutral third party, overseeing transactions between members, and thus replacing inefficient and unrealistic trust-based direct interactions with an impersonal, reliable workaround. Skills could be combined and traded: those with a background in programming, hacking, or engineering could design and sell software and equipment; while those equipped with street smarts, but lacking in that sort of technical know-how, could purchase or rent equipment and carry out thefts in the flesh. People looking for stolen credit card details could sell them to buyers, who, in turn, performed the physical and risky act of withdrawing cash. As Misha puts it, money can be "stolen by a Russian in Ukraine from an American company and paid out in Dubai -- and the whole transaction need last no longer than 10 minutes". These sites were the places to find the people across the world to aid in this journey

Sellers of skimming devices could dispatch their machines to those who lacked the ability and time to design, build, and engineer their own, but who were willing to install them on ATMs. DarkMarket went a step further to sell the machines together with a PIN pad that was designed to be installed over the existing, legitimate one. Encrypted PINs would be recorded on the fake pad, and the buyers of skimmers had to send the data back to the sellers for decryption.

Behind all these sites are the people: Script, the Ukrainian teenager who brazenly held a cybercrime conference in Odessa in 2002; Cha0, the Turkish administrator of DarkMarket\*,\* who operated a vast operation of skimming machines; Max Vision, a former security consultant for the FBI who went rogue and founded CardersMarket; RedBrigade, who made $300,000 in one fortnight-long spree on New York ATMs; and Master Splyntr, a Polish spammer who became a secretive member of DarkMarket player.

The one consistent theme throughout the book is the tough job law enforcement has on its hands globally around this issue, due to the anonymous nature of the internet and cybercrime being a global challenge. A card can get skimmed in one country, duplicated in another and then used to withdraw money in Australia -- but law enforcement is largely local, so police forces lack both the means and the incentive to track down culprits in different jurisdictions. Additionally, banks, supposedly the ultimate victims, tend to resist cooperation with law enforcement agencies so as not to damage their reputations or betray technological weaknesses. The result is that the cost of such widespread fraud is borne by all bank customers.

On a positive note for law enforcement, the ultimate demise of DarkMarket by FBI agent Keith Mularski is recounted, covering how he penetrated the DarkMarket website and even become one of its moderators. He collected large sums of information about the phishing operations, information on the "skimmers" for copying cards at ATMs, and the money-laundering services. This led to a series of arrests from June 2006 that closed down DarkMarket and led to jail sentences for many of its key players.

Conclusion

For people looking to know how ordinary people are impacted by cybercrime and the psychology of hackers and criminals on the web, I would say that *DarkMarket: Cyberthieves, Cybercops, and You* is a great place to start, focused on the narrative and historical events, with more than 200+ hours of interviews and research. It doesn't go too deeply into technical detail, but Misha makes the reader understand what he is talking about by providing basic descriptions of technology and technical aspects to facilitate a better understanding. Some would argue that Misha's descriptions border on being inaccurate, but he does break the terms down so any layperson can understand them. This is a good read for someone non-technical who wants to understand how the cybercrime cottage industry started and has flourished.

*** ** * ** ***

## Related Blogs

### [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown)

[#### The Cybersecurity Canon: DarkMarket: How Hackers Became the New Mafia](https://www2.paloaltonetworks.com/blog/2017/10/cybersecurity-canon-darkmarket-hackers-became-new-mafia/)

### [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### Book Review: "InSecurity"](https://www2.paloaltonetworks.com/blog/2020/03/cyber-canon-insecurity/)

### [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### Book Review: How America Lost Its Secrets](https://www2.paloaltonetworks.com/blog/2020/03/book-review-how-america-lost-its-secrets/)

### [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### Book Review: "The Perfect Weapon"](https://www2.paloaltonetworks.com/blog/2020/03/cyber-canon-the-perfect-weapon/)

### [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### Book Review: "No Place to Hide"](https://www2.paloaltonetworks.com/blog/2020/03/cyber-canon-no-place-to-hide/)

### [Cybersecurity Canon](https://www.paloaltonetworks.com/blog/category/canon/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### Book Review: "CISO Compass"](https://www2.paloaltonetworks.com/blog/2020/02/cyber-canon-ciso-compass/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language