The Market For Cybercrime Tools Is Thriving

The analysis, by researchers at Positive Technologies, included 25 sites on the dark web in Russian and English, with a total registered user base of about three million people. The researchers examined whether the advertised tools and services would be enough for a real attack and how much technical knowledge was required by prospective clients.

They found that cyber criminals no longer require deep technical knowledge and that any type of attack is now feasible given sufficient funding.

The researchers also examined the costs of cyber-crime services across the dark web and found that compromising a site and obtaining full control over a web application costs as little as $150, for example. However, a targeted attack on an organisation, depending on difficulty, can cost more than $4,500, while the most expensive malware was for targeting banks’ automatic teller machines through ATM logic attacks, with prices starting at $1,500.

The leading type of malware available was crypto-currency miners (20% of the total), followed by hacking utilities (19%), botnet malware (14%), remote access Trojans (RATs) (12%), and ransomware (12%).

The majority of malware demand (55%) was for creation and distribution, the researchers found.
While current demand for malware creation exceeds the supply by three times, the demand for malware distribution is twice the supply, the researchers found.

This mismatch of supply and demand has led to interest among criminals in new tools, which are becoming more readily available in the form of partner programs that include “malware as a service” and malware distribution-for-hire, the research showed.

Most of the hacker-for-hire requests from would-be buyers involve finding site vulnerabilities (36%) and obtaining email passwords (32%), while the most commonly offered services are hacking social network accounts (33%) and email (33%).
Leigh-Anne Galloway, cyber security resilience lead at Positive Technologies, said: “This research shows a burgeoning and evolving dark web market for cyber-crime.

“As a consequence, approaches to cyber incident investigations have to adapt accordingly. It is important to take these findings into account when analysing the techniques and tactics used for any particular incident.”
To have a deep understanding of attacker tool-kits, defenders have to study the trends and tools found on the dark web before they show up on client systems, said Galloway.

“Perhaps Dark Web intelligence will even enable preventive action, as increasing purchases of certain types of illegal software or services can indicate pending attacks,” she said.

However, the researchers said the trend of multiple threat actors using the same malware is likely to complicate attribution of future attacks.

Computer Weekly

You Might Also Read:

US Dark Web Raids Lead to Arrests And Seizures:

Europe Is A Cybercrime Hub:

 

« Germany Wants A Legal Framework For Cyberwar
Cyber Audits Can Save Businesses $1.5m »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Seguridad (Cyberseg)

Cyber Seguridad (Cyberseg)

Cyberseg provides specialized Cybersecurity services, including managed services (SOC / CERTs) and solutions for the protection of critical infrastructures.

bwtech@UMBC

bwtech@UMBC

The bwtech@UMBC Cyber Incubator is an innovative business incubation program that delivers business and technical support to start-up and early-stage cybersecurity/IT products and services companies.

GreyNoise Intelligence

GreyNoise Intelligence

GreyNoise Intelligence is a cyber security company that collects, labels, and analyzes Internet-wide scan and attack data.

Clone Systems

Clone Systems

Clone Systems is an award winning global cloud based managed security as a service provider.

Razorpoint Cybersecurity

Razorpoint Cybersecurity

Razorpoint’s world-class security experts have provided advanced, effective cybersecurity expertise to corporate and public-sector organizations around the world.

Pionen

Pionen

Pionen are a specialist information security consultancy with excellent people and proven security delivery methodologies at its core.

Tonex

Tonex

Tonex providing industry-leading technology training, courses, seminars, workshops, and consulting services to companies and government organizations around the world.

Epoch Concepts

Epoch Concepts

Offering a full line of IT services, solutions, and integration capabilities, Epoch Concepts is the trusted partner of the US military, federal agencies, private enterprises, and systems integrators.

QuantumCTek

QuantumCTek

QuantumCTek is a Chinese pioneer and leader in commercialized quantum information technology (QIT).

Forward Global

Forward Global

Forward Global designs and delivers services and technologies to manage digital, economic, and information risks.

Washington Technology Solutions (WaTech)

Washington Technology Solutions (WaTech)

WaTech operates the state’s core technology infrastructure – the central network and data center, provides strategic direction for cybersecurity and protects state networks from growing cyber threats.

Intellinexus

Intellinexus

Intellinexus turns data into actionable insights to revolutionise decision-making in your business.

CyberMontana

CyberMontana

CyberMontana is a statewide initiative providing cybersecurity awareness, training, and workforce development for businesses and residents of Montana.

Afripol

Afripol

AFRIPOL was set up to strengthen cooperation between the police agencies of AU member states in the prevention and fight against organized transnational crime, terrorism, and cybercrime.

IDCARE

IDCARE

IDCARE is Australia and New Zealand’s national identity & cyber support service. Our service is the only one of its type in the world.

HanaByte

HanaByte

HanaByte is a security consultancy focused on delivering state of the art solutions in the cloud. We specialize in delivering cloud services with an emphasis on security.