How do hackers make money from your stolen data?

How do hackers make money from your stolen data?

Cybercriminals will go to great lengths to steal your data – but what do they actually do with your information once they get their hands on it?

In most cases, data theft is financially driven. After stealing your information, bad actors can use a variety of shady channels to monetize your data, including taking out loans and making purchases under your name, holding your data to ransom and selling your data on dark web marketplaces to the highest bidder.

In this article, we’ll show you exactly how hackers steal and monetize your data, and how much it sells for on the black market.

How hackers steal your data

There are many methods hackers can use to steal your data. The following is not an exhaustive list, but it does include some of the most common techniques:

1. Malware

There are many types of malware that can be used to steal your personal information, including keyloggers, info stealers, banking malware and more.

Most strains typically focus on login credentials, credit card information, browser autofill data and cryptocurrency wallets. Certain breeds, such as the infamous Vega Stealer, sniff out specific file types such as PDF, Word, Excel and text files and exfiltrate (transfer the data without authorization) them to a remote command and control server.

Emsisoft Endpoint Protection: Award-Winning Security Made Simple

Experience effortless next-gen technology. Start Free Trial

Malware typically spreads via malicious email attachments, malvertising, drive-by downloads and pirated software. You can keep your system safe from malware with a proven antivirus solution like Emsisoft Anti-Malware.

2. Phishing

Phishing is a form of low-tech social engineering in which cybercriminals attempt to extract sensitive information such as login credentials, credit card information and personally identifiable information (PII).

In a typical phishing scam, attackers pose as a reputable company such as Microsoft, Amazon or Netflix and claim there’s an issue with your account. The message encourages you to click on a link where you can supposedly resolve the issue by confirming your password or entering your credit card information. This data is sent directly to the hackers, who can then gain access to your real account and the information stored within.

Phishing attacks are typically delivered via email, but they can also be implemented through social media, text messages and phone calls.

3. Weak passwords

Hackers can also steal your data by cracking the passwords of your online accounts. There are a few ways this can be accomplished:

See this blog post for more advice on how to securely manage your passwords.

4. Unsecured connections

Attackers can also steal your data by preying on unsecured connections such as public Wi-Fi networks. Public Wi-Fi is often unsecured and unencrypted, leaving users vulnerable to a variety of attacks, including:

How hackers monetize stolen data

Once a hacker has successfully stolen your data, the first step is to inventory it. They comb through your data for valuable information such as your login credentials, financial information, names, phone numbers, addresses and social security number, and organize it in a database. After the data has been collated, hackers have a variety of ways to monetize it.

Use the data themselves

In some cases, hackers may monetize your stolen data by using it themselves to make purchases or commit fraud. This is relatively rare as committing fraud is much more likely to attract the attention of authorities than anonymously selling large batches of data online. Nevertheless, it does happen.

Attackers can use your stolen data to:

Sell your login credentials

Usernames and passwords are often sold in bulk on the dark web. Buyers may use your login credentials to transfer money from your bank account, make online purchases and access various paid services.

Here’s how much your account credentials typically sell for, according to a Symantec report on the underground economy:

Sell PII to buyers on the black market

Hackers commonly sell PII on underground marketplaces that are accessible on the dark web. Typically, PII will be sold in bulk batches. The more recently the data has been stolen, the more valuable it is.

Here’s how much your data is worth:

Sell your credit card information

Attackers will usually sell your credit card information in large bundles of hundreds or even thousands of stolen credit cards. This data is often purchased by “carders”, who try to avoid fraud detection by purchasing gift cards and using them to buy physical items, which may then be sold on the dark web as well as through legitimate channels such as eBay or Craigslist.

How much do hackers sell your credit card information for?

Hold your data to ransom

Some types of ransomware have data exfiltration functionality, which enables hackers to not only encrypt your data but also steal it via a range of channels, including FTP, HTTP, HTTPS, SSL/TLS and more.

Attackers can use your stolen data as extra leverage to encourage you to pay the ransom (the average is a whopping $84,000) and sell your PII on the black market for extra pocket money.

Sell valuable intellectual property

It’s not uncommon for hackers to launch attacks on large corporations and sell the stolen data to companies in developing nations. These are typically highly sophisticated, nation-sponsored attacks and can be incredibly lucrative for both the hackers and the country funding the attack. Chinese intellectual property theft is estimated to cost the U.S. economy $50 billion a year.

How data theft can impact victims

Being the victim of data theft can have significant repercussions. In the short-term, you’ll have to go through the time-consuming process of securing your compromised accounts, reversing fraudulent purchases and replacing stolen credit cards.

These are annoying but not life-changing effects. However, there can also be longer-lasting consequences.

For example, if your social security number is stolen and used for fraudulent activity, it could potentially impact your credit history and credit score. Undoing the damage can be very difficult, and may prevent you from making loan applications, purchasing a home or renting property. In addition, if your work-related accounts are used to deliver malware or phishing attacks, you may damage your professional reputation, cause business loss or have to face disciplinary action from superiors.


Data theft is usually financially driven. There are many ways for cybercriminals to get their hands on your personal data, including malware, phishing, password cracking and man-in-the-middle attacks. Once they have obtained your data, they may use it themselves to commit fraud, or they may sell it in bulk on the dark web.



Writer. A picture is worth a thousand words but unfortunately I can't draw. The world of IT security has always fascinated me and I love playing a small role in helping the good guys combat malware.

What to read next