Skip to content

TechRepublic

  • Top Products
  • AI
  • Developer
  • Payroll
  • Security
  • Project Management
  • Accounting
  • CRM
  • Academy
Resources
  • TechRepublic Premium
  • TechRepublic Academy
  • Newsletters
  • Resource Library
  • Forums
  • Sponsored
Go Premium
Popular Topics
  • Top Products
  • AI
  • Developer
  • Payroll
  • Security
  • Project Management
  • Accounting
  • CRM
  • Academy
  • Project Management
  • Innovation
  • Cheat Sheets
  • Big Data
  • Tech Jobs
View All Topics
Go Premium
Security

Gallery: The top zero day Dark Web markets

By Dan Patterson January 9, 2017, 9:58 AM PST

Image
1
of 11

istockcreativaimages.jpg
istockcreativaimages.jpg
Gallery: The top zero day Dark Web markets

How zero day exploits are bought and sold

Getty Images/iStockphoto

How zero day exploits are bought and sold

Kapustkiy won’t buy malware, but the hacker claims to sell zero day exploits, software loopholes that allow attackers to exploit software and networks. “I can’t name the site I use, but I think that most hackers would use the same [sites],” he said. Kapustkiy is a young, ideologically driven hacker who frequently tunnels into government and corporate sites. “I hack for political reasons,” he said in translated, broken English, “but make money sometimes from selling hacks.”

Zero day exploits are a major profit center for many hackers and are at the heart of underground cyberwar ecosystem. Though bug bounty programs are a common white hat practice for major websites and software vendors, under the clearnet is a thriving Dark Web market for malicious code. Malware and software bugs can sell for tens or hundreds of thousands of dollars on the Dark Web.

SEE: IT leader’s guide to the blockchain (Tech Pro Research)

Zero day bugs are valuable because of the high stakes for victims. Bugs in Flash or Windows grant hackers easy access to corporate systems. Malware in the form of Stuxnet was allegedly developed and deployed by the United States and Israel to attack Iran’s nuclear program, and Sandworm was allegedly used by Russian hackers to attack NATO.

To hack a major foreign embassy Kapustkiy claimed, for example, he “started by scanning the websites from the [embassy] websites to see which were related to the [primary site]. I got a huge list of around 20 domains and I saw that all of them were running on the same server and also had the same vulnerability. So I found a exploit in the web-server and I managed to hack [several sites]. It was very simple because all of the websites were running on the same server.”

WATCH: New search engine exposes the Dark Web (CBS News)

Enterprise companies and SMBs are vulnerable to a similar attack, he said, and sensitive corporate data is frequently swiped then sold on the Dark Web. “I just found a SQL [hole] in the website,” Kapustkiy said, “nothing special. They fixed [the hole] but I could still manage to hack the website with social engineering. The administrator was still using the same password and I could get access to a lot of his personal information.”

The hackers and groups in the market for zero day exploits are as diverse as the code they’re selling. Each actor has different methods of exploitation and uses a variety of sites to offload code in exchange for Bitcoin. Though Dark Web malware markets tend to appear then vanish, these are ten of the most well-known and widely used hacker websites and forms.

Before you hop on Tor and begin poking around, novices and experts alike should remember to exercise care and caution when visiting the Dark Web. Though many of these sites return benign content, much of the Dark Web is NSFW. TechRepublic does not condone illegal or unethical activity. Offensive material can sometimes be just a click away. Browse at your own risk. Never break the law. Use the Dark Web safely, and for legal purposes only.

Use the green arrows above to swipe between gallery items.

Read more:

  • Zero Days: Why the disturbing Stuxnet documentary is a must-see (TechRepublic)
  • Interview with a hacker: S1ege from Ghost Squad Hackers (TechRepublic)
  • ‘Down the Deep Dark Web’ is a movie every technologist should watch (TechRepublic)
  • Dangers of the Deep, Dark Web (TechRepublic / IBM white paper)
  • Infographic and interview: The explosion of cybercrime and how to protect your business (TechRepublic)
  • Inside the secret digital arms race: Facing the threat of a global cyberwar (TechRepublic)
  • Cyberwar: The smart person’s guide (TechRepublic)
  • How the Dark Web works (ZDNet)
  • Online sales of illicit drugs triple since Silk Road closure (CNET)
Getty Images/iStockphoto
Gallery: The top zero day Dark Web markets

​0day.today

​0day.today

A multisignature market, 0day.today (links requires Tor) is one of the most well-known exploit markets. It is frequently used to buy and sell leaked data and zero day exploits by independent, institutional, and government hackers.

Gallery: The top zero day Dark Web markets

​0day.in

​0day.in

Another multisig market, 0day.in is frequented by the underbelly of black hat hackers.

Gallery: The top zero day Dark Web markets

​Zerodium

​Zerodium

Founded by Vupen Security, a hacking group that exclusively sells exploits to government clients, Zerodium hopes to break open the burgeoning Dark Web market by listing and selling the top exploits with a clean and easy-to-use interface.

Gallery: The top zero day Dark Web markets

​The Real Deal

​The Real Deal

The well-designed The Real Deal Dark Web market is as slick as it is ephemeral. The site is frequently down yet makes buying malicious code easy with an Amazon-like interface.

Gallery: The top zero day Dark Web markets

​Darkmarket

​Darkmarket

Darkmarket is a popular Dark Web market that sells thousands of digital items, including stolen credit card information, corporate documents, and personal data.

Gallery: The top zero day Dark Web markets

​Alphabay

Image: AlphaBay

​Alphabay

With over a quarter million listings, including drugs and other illicit material, Alphabay is one of the largest Dark Web markets in the world. Though a bit passe for hardcore hackers, tens of thousands of stolen corporate documents are available on Alphabay at dirt cheap prices.

Image: AlphaBay
Gallery: The top zero day Dark Web markets

​L33ter

​L33ter

L33ter is one of the oldest Dark Web markets. Though the site sells drugs and other illegal items, L33ter specializes in selling digital goods, hacker tools, and exploits

Gallery: The top zero day Dark Web markets

​Rutor

​Rutor

Rutor.org is a Russian forum that serves as the middleman between Trust on the Dark Web, and Rutor, a Russian hacking forum, providing a place where sellers and buyers communicate.

Gallery: The top zero day Dark Web markets

​Scan4you

​Scan4you

Scan4you is a clearnet market that specializes in selling botnets, hacking tools, and anti-malware software.

Gallery: The top zero day Dark Web markets

​Dream Market

​Dream Market

Dream Market is a Silk Road knock-off and sells everything from drugs to code to stolen corporate data.

  • Security
  • Account Information

    Share with Your Friends

    Gallery: The top zero day Dark Web markets

    Your email has been sent

Share: Gallery: The top zero day Dark Web markets
Image of Dan Patterson
By Dan Patterson
Dan is a writer, reporter, and producer. He is currently a reporter for at CBS News and was previously a Senior Writer for TechRepublic.
  • Account Information

    Contact Dan Patterson

    Your message has been sent

  • |
  • See all of Dan's content

Daily Tech Insider

If you can only read one tech story a day, this is it.

Cybersecurity Insider

Stay abreast of the latest cybersecurity news, solutions, and best practices

TechRepublic TechRepublic
  • TechRepublic on Facebook
  • TechRepublic on X
  • TechRepublic on LinkedIn
  • TechRepublic on YouTube
  • TechRepublic on Pinterest
  • TechRepublic RSS
Services
  • About Us
  • Newsletters
  • RSS Feeds
  • Site Map
  • Site Help & Feedback
  • FAQ
  • Advertise
  • Do Not Sell My Information
  • Careers
Explore
  • Downloads
  • TechRepublic Forums
  • Meet the Team
  • TechRepublic Academy
  • TechRepublic Premium
  • Resource Library
  • Photos
  • Videos
  • Editorial Policy
  • Legal Terms
  • Privacy Policy
© 2025 TechnologyAdvice. All rights reserved.
CLOSE

Create a TechRepublic Account

Get the web's best business technology news, tutorials, reviews, trends, and analysis—in your inbox. Let's start with the basics.

Already registered? Sign In
Use Facebook
Use Linkedin

* - indicates required fields

CLOSE

Sign in to TechRepublic

Not a member? Create an account
Use Facebook
Use Linkedin

Lost your password? Request a new password

CLOSE

Reset Password

Please enter your email adress. You will receive an email message with instructions on how to reset your password.

Check your email for a password reset link. If you didn't receive an email don't forgot to check your spam folder, otherwise contact support.

Back to login
1 Finish Profile
2 Newsletter Preferences
CLOSE

Welcome. Tell us a little bit about you.

This will help us provide you with customized content.

No thanks, continue without
1 Finish Profile
2 Newsletter Preferences
CLOSE

Want to receive more TechRepublic news?

Newsletter Name
Subscribe
Daily Tech Insider
Daily Tech Insider AU
TechRepublic UK
TechRepublic News and Special Offers
TechRepublic News and Special Offers International
Executive Briefing
Innovation Insider
Project Management Insider
Microsoft Weekly
Cloud Insider
Data Insider
Developer Insider
TechRepublic Premium
Apple Weekly
Cybersecurity Insider
Google Weekly
Toggle All
No thanks, continue without

You're All Set

Thanks for signing up! Keep an eye out for a confirmation email from our team. To ensure any newsletters you subscribed to hit your inbox, make sure to add [email protected] to your contacts list.

Back to Home Page
×