According to an expert’s analysis, the importance of the 2easy marketplace on the dark web has dramatically grown since it contributed more to the black market’s platform improvements and consistent quality of its offerings, resulting in positive reviews among the cybercrime community.
The 2easy marketplace is entirely automated, which means everybody can establish an account, put money on their billfold, and complete transactions without interacting with sellers directly. Also, the logs offered by 2easy can only be acquired by customers for a measly $5 per item, which is unbelievably cheap compared to the average Genesis’ log prices and Russian Market’s bot logs.
Furthermore, according to a threat actor’s review from several dark web communities, 2easy logs constantly offer credentials that give network access to various organisations.
2easy is a very user-friendly marketplace. It has several capabilities that enable actors to perform sophisticated functions such as acquiring credentials from targets, reviewing tags assigned by sellers, checking sellers’ ratings, searching URLs of interest, and viewing URLs of infected machine logs.
However, a disadvantage that the 2easy marketplace yield is that it does not give clients a preview of a sold item, like a redacted IP address or OS version for the device’s information stolen by hackers.
2easy’s simple accessibility on the dark web has caught the attention of threat actors since an increasing number of buyers are visiting the marketplace. Also, customers want an effortless way to purchase logs since they only see the dark web for malicious purposes.
Logs holding credentials are simply keys to doors, where those doors redirect buyers to online accounts, entry to networks, or financial information. According to reports, threat actors sell these logs for low prices, which can be considered dangerous since it can cause severe damage to unfortunately hacked entities.
An example of this attack is when Electronic Arts (EA) was hacked last June 2021. The attack was initially completed by a particular threat actor and sold EA’s cookies on the dark web for a low price. Then, the cookies were bought by separate threat actors that made further infections to EA.
The initial access broker market is increasing and is directly involved in several ransomware attacks. Therefore, log marketplaces, including the 2easy marketplace, has become an integral part of the hacking community over time.