How does the gray market for cheaper LLM API tokens work?

nanovirus2

Junior Member
Jr. VIP
Joined
Jan 17, 2013
Messages
136
Reaction score
49
I have heard about marketplaces and vendors who sell Claude/GPT/Gemini and other LLM API credits at really big discounts. Like 90% off.

Trying to understand how this works mechanistically.

Where are the tokens sourced?
Stolen cards loading API balances? Regional pricing arbitrage? Compromised accounts? Free tier abuse at scale? Educational/research credits being resold?

Is there regional pricing that enables this?
Do any major LLM providers have regional pricing tiers that could be arbitraged? Compute costs the same anywhere so it doesn't make sense. Maybe corporations or research facilities get better deals on usage and then this is being resold somehow via proxies?

How does the API pipeline work on the buyer side?
If you buy "$1000 of API credits" from a seller, are you getting a key tied to their account? Once that balance runs out you need a new key from a new seller? That means rotating API auth in your codebase every time you re-up? It wouldn't be viable for anything production-grade.

Do some sellers run a proxy/gateway where they handle key rotation on their end and you hit a single stable endpoint?

Reliability?
Anyone running real workloads on these? How often do keys get revoked? Average lifespan of a purchased key? Do providers actively enforce against this?

I am looking to buy about 10k$ worth of tokens at a deep discount.
 
I have heard about marketplaces and vendors who sell Claude/GPT/Gemini and other LLM API credits at really big discounts. Like 90% off.

Trying to understand how this works mechanistically.

Where are the tokens sourced?
Stolen cards loading API balances? Regional pricing arbitrage? Compromised accounts? Free tier abuse at scale? Educational/research credits being resold?

Is there regional pricing that enables this?
Do any major LLM providers have regional pricing tiers that could be arbitraged? Compute costs the same anywhere so it doesn't make sense. Maybe corporations or research facilities get better deals on usage and then this is being resold somehow via proxies?

How does the API pipeline work on the buyer side?
If you buy "$1000 of API credits" from a seller, are you getting a key tied to their account? Once that balance runs out you need a new key from a new seller? That means rotating API auth in your codebase every time you re-up? It wouldn't be viable for anything production-grade.

Do some sellers run a proxy/gateway where they handle key rotation on their end and you hit a single stable endpoint?

Reliability?
Anyone running real workloads on these? How often do keys get revoked? Average lifespan of a purchased key? Do providers actively enforce against this?

I am looking to buy about 10k$ worth of tokens at a deep discount.
I suspect they use stolen payment details to buy those accounts.
I am looking to buy about 10k$ worth of tokens at a deep discount.
I won't recommend this since many of such accounts are suspended quickly, also you don't want to get involved in potentially criminal situations.
 
Full Disclosure - I am a provider for these exact same services aka Token Brokerage.

Anyways, to answer your questions

Where are the tokens sourced?

I know shady providers that indulge in free tier rotation, github key scans, compromised accounts and other stuff. Most legitimate brokers (including us) usually work with companies that receive grants either from investors or from education partners or incubators. This translates to revenue for them.

Is there regional pricing that enables this?

No, there isn't a lot of difference in token economics based on regionals. Companies will repackage their core end products (ChatGPT Plus, Google Pro etc.) and then price them appropriately. But API costs are usually the same worldwide.

How does the API pipeline work on the buyer side?

This is where a true token brokerage shines. A reliable proxy endpoint. OpenAI compatible. With load management, query management, concurrency management and credit management baked in. Routed through high availability edge networks.

The buyer gets a custom baseURL and an API key and are able to begin using things almost instantly.

Key rotation and ensuring availability plus logging and exception management occurs in the backend. Plus logs of your queries to see how many tokens each query spent and what you were charged.
 
I recently built this exact thing.

the source of the tokens can range from blackhat to white, with a little grey in the middle

blackhat = stolen cards, hacked accounts etc
white hat = what the gentlemen above me claims to do, brokering educational and cloud startup credits
then theres the grey area in the middle = free tier/free trial accounts used in mass

Personally, i use a mix of white and grey hat =]


just like he said, openai compatible, with a single api key (or multiple, if you want to track usage in multiple tools) but these keys dont rotate or change unless you change them.
account dashboard with logging and usage analytics

I built it myself, and im actually just opening for business now. got my first customer a week ago.
we offer subscriptions identitcal to anthropic, but heavily discounted =]
i wouldnt call the blackhat blackhat, i would call it felonyhat
 
I suspect they use stolen payment details to buy those accounts.
I'm currently in the middle of a major dispute with Claude since someone hacked my company's account and spent tens of thousands on "gift subscriptions". Anthropic acknowledges the hack, but is fighting my bank on the refund.
 
I'm currently in the middle of a major dispute with Claude since someone hacked my company's account and spent tens of thousands on "gift subscriptions". Anthropic acknowledges the hack, but is fighting my bank on the refund.
That is crazy!

It's part of the reason I'm skeptical about paying for stuff like that no matter how good the deal might sound. Usually, there's a victim somewhere.
 
Mostly stolen or abused accounts, and they get burned fast. not production-safe.
 
Full Disclosure - I am a provider for these exact same services aka Token Brokerage.

Anyways, to answer your questions



I know shady providers that indulge in free tier rotation, github key scans, compromised accounts and other stuff. Most legitimate brokers (including us) usually work with companies that receive grants either from investors or from education partners or incubators. This translates to revenue for them.



No, there isn't a lot of difference in token economics based on regionals. Companies will repackage their core end products (ChatGPT Plus, Google Pro etc.) and then price them appropriately. But API costs are usually the same worldwide.



This is where a true token brokerage shines. A reliable proxy endpoint. OpenAI compatible. With load management, query management, concurrency management and credit management baked in. Routed through high availability edge networks.

The buyer gets a custom baseURL and an API key and are able to begin using things almost instantly.

Key rotation and ensuring availability plus logging and exception management occurs in the backend. Plus logs of your queries to see how many tokens each query spent and what you were charged.
Really?
"Most legitimate brokers (including us) usually work with companies that receive grants either from investors or from education partners or incubators."
 
Back
Top