How are hackers on the dark web recruiting?

The dark web is notorious for its illicit activities, which has evolved into a bustling marketplace for various illegal purposes. It serves as a hub for cybercriminals, offering opportunities for stolen data transactions, hacking services, and collaborations in illegal activities. Job seekers can find diverse postings for roles related to cybercrime, ranging from developers to pen testers and specialised positions. As we delve into the dark web job market, I shed light on the recruitment process, motivations, costs and risks involved.

The Recruitment Process

Dark web forums and marketplaces attract individuals interested by the world of cybercrime, providing them with opportunities to engage in stolen data transactions, hacking services, and collaborations for illegal activities.

The job postings on the dark web cover malware development, phishing tools, website hacking, email hacking, encryption cracking, and web scraping. Each category seeks individuals with specialised skills to carry out these illegal activities. Whether it is the creation of malware, development of phishing campaigns, exploitation of vulnerabilities in websites and emails, or the decryption of encrypted data, there is a demand for skilled individuals who can execute these tasks with precision and expertise.

Within the dark web, job seekers can come across many postings for diverse roles related to cybercrime. These positions encompass a broad spectrum, including developers, penetration testers, and other specialised positions. The recruitment process on the dark web often involves:

    • Prospective candidates undertake test assignments
    • Having their examples of work/portfolios reviewed
    • Participating in conversations with perspective teams/wrongdoers


The motivations for seeking employment on the dark web can vary greatly. For some, the attraction of easy money proves irresistible, especially compared to the set financial rewards and pay scales offered by commercial and ethical positions


Researchers at Comparitech, examined over 100 listings from 12 different hacking websites. The actual prices are negotiated based on the time, scope, complexity and level of risk. Where they were able to find the average prices of these illicit services (prices have been converted from BTC to USD).

    1. Personal Attacks – this was the highest service at $551 (Is this per target). Personal attack could include financial sabotage, legal trouble or public defamation.
    2. Grades Change – One of the most common hacking services, where students who want a higher grade can pay $526 on average to hack into a school system and alter their grades. Some hackers also said they can steal the answers to future exams.
    3. Website hacking – Costing an average $394 and includes attacks against websites and other services hosted online. One hacker said they could access an underlying web server or a website’s administrative panel. With another said they can steal databases and administrative credentials.
    4. Computer and phone hacking – Average of $343, where the hacker breaks into the victim’s PC or phone to steal data or deploy malware on any operating systems.
    5. Social media hacking – Costing $230 to hack platforms including WhatsApp, Facebook, Twitter, Instagram, TikTok etc for either credentials or to give the buyer full access to the account. WhatsApp to spy on messages or take screenshots. This is another popular service.
    6. Email hacking – $241 for the hacker to steal the victim’s email password and then either gives that password to the buyer or breaks into the account to access data. In some cases, the criminal may set up an email forwarded process to get a copy of all the victim’s emails.
    7. DDoS Attacks – hackers who offer Distributed Denial-of-Service attacks charge on average $26 per hour, though prices vary based on the length and bandwidth of the attack. Some hackers will charge by the hour or even by the month to maintain an attack for as long as the buyer wants.

All of the services required payment up front, with some but not all of the hacking service websites promised a refund for unsuccessful jobs. Most hacking services set realistic expectations in that they only take jobs they reasonably believe they can accomplish. One website stated, “in about 5-7% of cases, hacking is impossible.” Many hackers would say if they can complete jobs within 24 hours, but more advanced jobs might take days or weeks. These hacking service websites instruct prospective customers to get in contact by encrypted email or secure chat app.


    • Illegal access: browsing on the dark web is not illegal, but accessing illegal websites on the dark web using an anonymous browser is.
    • Legal Protection: Anyone involved in cybercrime, faces the constant threat of legal consequences if their illicit activities are uncovered, and law enforcement intervention, due to no legal protection.
    • Data cloning: going on the Dark Web means a risk in infecting your devices with malware, ransomware, and trojan horse viruses.

As society faces challenges posed by cybercrime, efforts to strengthen cybersecurity, enforce legislation, and educate individuals about the risks and consequences of participating in illegal activities on the dark web are become increasingly vital.