The Market For Cybercrime Tools Is Thriving

The analysis, by researchers at Positive Technologies, included 25 sites on the dark web in Russian and English, with a total registered user base of about three million people. The researchers examined whether the advertised tools and services would be enough for a real attack and how much technical knowledge was required by prospective clients.

They found that cyber criminals no longer require deep technical knowledge and that any type of attack is now feasible given sufficient funding.

The researchers also examined the costs of cyber-crime services across the dark web and found that compromising a site and obtaining full control over a web application costs as little as $150, for example. However, a targeted attack on an organisation, depending on difficulty, can cost more than $4,500, while the most expensive malware was for targeting banks’ automatic teller machines through ATM logic attacks, with prices starting at $1,500.

The leading type of malware available was crypto-currency miners (20% of the total), followed by hacking utilities (19%), botnet malware (14%), remote access Trojans (RATs) (12%), and ransomware (12%).

The majority of malware demand (55%) was for creation and distribution, the researchers found.
While current demand for malware creation exceeds the supply by three times, the demand for malware distribution is twice the supply, the researchers found.

This mismatch of supply and demand has led to interest among criminals in new tools, which are becoming more readily available in the form of partner programs that include “malware as a service” and malware distribution-for-hire, the research showed.

Most of the hacker-for-hire requests from would-be buyers involve finding site vulnerabilities (36%) and obtaining email passwords (32%), while the most commonly offered services are hacking social network accounts (33%) and email (33%).
Leigh-Anne Galloway, cyber security resilience lead at Positive Technologies, said: “This research shows a burgeoning and evolving dark web market for cyber-crime.

“As a consequence, approaches to cyber incident investigations have to adapt accordingly. It is important to take these findings into account when analysing the techniques and tactics used for any particular incident.”
To have a deep understanding of attacker tool-kits, defenders have to study the trends and tools found on the dark web before they show up on client systems, said Galloway.

“Perhaps Dark Web intelligence will even enable preventive action, as increasing purchases of certain types of illegal software or services can indicate pending attacks,” she said.

However, the researchers said the trend of multiple threat actors using the same malware is likely to complicate attribution of future attacks.

Computer Weekly

You Might Also Read:

US Dark Web Raids Lead to Arrests And Seizures:

Europe Is A Cybercrime Hub:

 

« Germany Wants A Legal Framework For Cyberwar
Cyber Audits Can Save Businesses $1.5m »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

authen2cate

authen2cate

Authen2cate offers a simple way to provide application access with our Identity and Access Management (IAM) solutions for enterprise, small business, and individual customers alike.

NQA Certification

NQA Certification

NQA provides certification to a range of ISO standards including ISO 27001 for information security management.

Commissum

Commissum

Commissum specialise in information assurance and security testing services.

Ovarro

Ovarro

Ovarro is the new name for Servelec Technologies and Primayer. Ovarro's technology is used throughout the world to monitor, control and manage critical and national infrastructure.

ActiveCyber

ActiveCyber

ActiveCyber is a source for news, reviews, learning, and technological innovation in the active cyber defense industry.

Swiss CyberSecurity

Swiss CyberSecurity

Swiss CyberSecurity is a non-profit group based in Geneva, set up to provide information and as a forum for discussion of topics related to CyberSecurity.

GovCERT Austria

GovCERT Austria

GovCERT Austria is the Austrian Government Computer Emergency Response Team. Its constituency consists of Austria's public administration.

MER Group

MER Group

MER Group is a world-leading solutions provider specializing in Homeland Security (HLS), Cyber and Intelligence, Communication Infrastructure and Tactical Communication Systems.

Project Moore

Project Moore

Project Moore is an Amsterdam law firm specialising in IT-law and privacy.

White Bullet

White Bullet

White Bullet’s risk profiling AI detects, dynamically scores and flags unsafe domains, apps and advertising.

GroupSense

GroupSense

GroupSense helps governments and enterprises take control of digital risk with cyber reconnaissance, counterintelligence and monitoring for breached credentials.

InsightCyber

InsightCyber

InsightCyber is on a mission to keep the world’s critical infrastructure, supply chains, and manufacturing operations cyber-safe, helping to prevent attacks that can have catastrophic impacts.

MyDocSafe

MyDocSafe

MyDocSafe is an all-in-one document security and e-sign software.

Thoma Bravo

Thoma Bravo

Thoma Bravo is a leading private equity firm with a 40+ year history and a focus on investing in software and technology companies.

GAVS Technologies

GAVS Technologies

GAVS is a global IT services provider with focus on AI-led Managed Services and Digital Transformation.

Oak9

Oak9

Oak9's Security as Code platform dynamically secures Infrastructure as Code (IaC) and deployed cloud workloads, automatically.