Blog


Alleged Hydra Market Operators Identified

02/19/2021 Key Findings An anonymous author on the hydra[.]expert domain claimed to have uncovered the true identities of the individuals running the Hydra marketplace, one of the largest Russian-language dark web markets for drugs. Gemini has translated and analyzed this investigation, although we have not confirmed the entirety of the evidence. The anonymous author alleges […]

Read more

Deepfakes Expose Cracks in Virtual ID Verification

01/27/2021 Key Findings Banking institutions, cryptocurrency exchanges, and other companies have begun implementing identity verification to establish more rigorous account security. Gemini analysts have observed an increasing number of posts on dark web forums about bypassing sites’ identity verification with face-change technology that uses selfies or videos. Deepfakes are images or videos in which the […]

Read more

Joker’s Stash, the Largest Carding Marketplace, Shuts Down

01 / 15 / 2021 Key Findings Joker’s Stash, the largest dark web marketplace in the underground payment card economy, has announced that it is shutting down.  While this marketplace was the largest in the carding space, it also exhibited a severe decline in the volume of compromised records posted over the past six months. […]

Read more

Gemini Annual Report 2020: COVID-19 Shakes Up the Carding Market

Gemini Advisory’s 2020 year review noted significant developments in the dark web underground market for payment card fraud. Demand for CNP records continued to increase, demand for CP records dropped, and new Magecart attacks, scam shops, and travel fraud schemes reacted to changing conditions under COVID-19.

Read more

Chinese Scam Shops Lure Black Friday Shoppers

Key Findings Since the COVID-19 pandemic began, fraudsters have looked for ways to turn the tragedy to their advantage through e-commerce scams, SBA loan and stimulus fraud, and COVID-19 related malware. Now, with Black Friday around the corner, scam shops are looking to cash in on alluring discounts targeting online shoppers.  e-Commerce scam shops operate […]

Read more

“Email Appender” Implants Malicious Emails Directly Into Mailboxes

Key Findings Gemini analysts observed a criminal actor advertise in the dark web a new tool called “Email Appender” that can implant malware-infected or tailored phishing emails directly into a target mailbox. By implanting the email, Email Appender bypasses email security platforms that inspect messages en route to their destination mail server. The software poses […]

Read more