This Week: Halloween on the Dark Web

Next: This Week: Weebly, Indian Banks, and CyberMaryland
Previous: The Rise of Hacking as a Service on...
Get ready, the holiday season is just getting started.
November 04, 2016

The Terbium Analyst Team is on the front-line of combatting dark web myths and legends. Whether it's a threat report, white paper, or blog post, the Analyst Team's job is to know things and speak intelligently about them. Other interests include weightlifting, chocolate, and accumulating obscure dark web trivia to amuse and confuse our co-workers.

While you were out preparing your costumes and decorations, dark web vendors offered a little Halloween festivity with discounts and new products. But it’s not all spooky savings - some dark web criminals aren’t afraid to do the cyber equivalent of toilet papering your trees. New holiday themed ransomware also hit the web this year just in time for Halloween.

Candy Coupons

Halloween expenses can add up quickly. Between the costumes, the candy, and the decorations, your holiday bills can be a bit scary. Have no fear, you can purchase coupons for all of your most important ghoulish needs!

AlphaBay Cupon 1.png

On one of the largest dark web markets, AlphaBay, vendor TeamLotus sold coupons for decorations, candy, and even pet costumes. These 73 coupons expire 90 days after the initial download. They work only in the United States and sell for $19.98. The coupons were described as “exactly like the leading internet coupons and work even better”. It’s unclear if these coupons are copies of real company issued coupons or if they are fraudulent, and the vendor did not provide any specific information about the retailers involved.

Fentanyl Fright

Recently, we have seen a dramatic increase in discussions around fentanyl on the dark web. This synthetic narcotic has a high addiction and dependence risk and has been cited in many recent overdoses.


Vendor getnitn offers a Halloween special on their 15 ml furanylfentanyl. The dispenser reportedly contains 150 sprays and costs $30 before shipping. This vendor has high trust and stealth levels according to reviews, and the market indicates this particular listing has been purchased 56 times since the listing was first posted. The sale was originally supposed to end on October 24th, but the vendor decided to leave the listing up – nothing like an extended sale to get you in the holiday spirit.

Getting into the Spirit

Some drug vendors change their products to fit the holiday.

On dark web marketplace Hansa, vendor FatFreddysCatz posted three halloween-themed THC-infused products. Their Gummy Ghosts and Glo Skulls retail for $18.34 (that will get you two gummies). Both gummies supposedly have an “eerie glow” under UV black light. As a holiday special, FatFreddysCatz made the skulls and ghosts double the concentration of his regular Gummy Catz.


FatFreddysCatz also sells Halloween Glo-Shots. One shot of either Radioactive Pink or Toxic Green goo sells for $12.15. The vendor even has serving recommendations: apparently the Glo-Shots go well with champagne.

Haunted Heroin

Another Hansa Halloween sale appeared in the opioids section. Vendor ElectricMistress was selling a special 3g uncut black tar heroin. Like many vendors, ElectricMistress listed this $360 drug as “the best on the market”.


This vendor comes highly recommended for their stealth, generosity (they always include extra product according to reviews), and customer service.

Pastebin Pumpkin

If you are looking to continue carving out some nice savings, look no further than Pastebin. Pastebin offered a Halloween special on their pro accounts. For a limited time, Lifetime Pro accounts were 40% off.

Pumpkin Spice Ransomware

Recipients are in for a nasty treat with a recent form of ransomware. A version of Locky ransomware appeared with 40 mentions of the word “PUMPKIN” scattered throughout the code. Locky takes hold when the victim opens a .zip file titled “Receipt XXX-XXX.” To receive the private key to decrypt the files, victims must pay a ransom to unlock their files. If they’re lucky the money they saved with their Halloween coupons will be enough to get their files back.

Halloween is the first of many holidays observed on the dark web during the holiday season. As we progress deeper into the holiday season, we can expect to see more festive activity on the dark web.

One More Thing

In case you needed another reminder that nearly nearly everything is connected to the internet now, security researchers have found vulnerabilities in an Android app that could allow hackers to steal your phone’s data - from your crockpot. Like most Internet-of-Things devices, the crockpot wasn’t designed to receive automatic security updates. Owners will have to download and install the patch themselves. So much for “set it and forget it.”

analysis June 24, 2019
New Research: Terbium Labs Uncovers Pervasive Links Between Fraud and Transnational Crime

Terbium Labs investigated the links between payment fraud and serious transnational crime. This research begins to fill a gap in understanding about the use of fraudulent financing in some of the most heinous crimes...

analysis April 17, 2019
Terbium Labs Investigates Dark Web Fraud Guides for an Inside Look on Cyber Crime

With our latest research, Fraud Guides 101: Dark Web Lessons on How to Defraud Companies and Exploit Data, Terbium Labs investigates dark web fraud guides to create a detailed, first-hand account of the illicit...