The Market For Cybercrime Tools Is Thriving

The analysis, by researchers at Positive Technologies, included 25 sites on the dark web in Russian and English, with a total registered user base of about three million people. The researchers examined whether the advertised tools and services would be enough for a real attack and how much technical knowledge was required by prospective clients.

They found that cyber criminals no longer require deep technical knowledge and that any type of attack is now feasible given sufficient funding.

The researchers also examined the costs of cyber-crime services across the dark web and found that compromising a site and obtaining full control over a web application costs as little as $150, for example. However, a targeted attack on an organisation, depending on difficulty, can cost more than $4,500, while the most expensive malware was for targeting banks’ automatic teller machines through ATM logic attacks, with prices starting at $1,500.

The leading type of malware available was crypto-currency miners (20% of the total), followed by hacking utilities (19%), botnet malware (14%), remote access Trojans (RATs) (12%), and ransomware (12%).

The majority of malware demand (55%) was for creation and distribution, the researchers found.
While current demand for malware creation exceeds the supply by three times, the demand for malware distribution is twice the supply, the researchers found.

This mismatch of supply and demand has led to interest among criminals in new tools, which are becoming more readily available in the form of partner programs that include “malware as a service” and malware distribution-for-hire, the research showed.

Most of the hacker-for-hire requests from would-be buyers involve finding site vulnerabilities (36%) and obtaining email passwords (32%), while the most commonly offered services are hacking social network accounts (33%) and email (33%).
Leigh-Anne Galloway, cyber security resilience lead at Positive Technologies, said: “This research shows a burgeoning and evolving dark web market for cyber-crime.

“As a consequence, approaches to cyber incident investigations have to adapt accordingly. It is important to take these findings into account when analysing the techniques and tactics used for any particular incident.”
To have a deep understanding of attacker tool-kits, defenders have to study the trends and tools found on the dark web before they show up on client systems, said Galloway.

“Perhaps Dark Web intelligence will even enable preventive action, as increasing purchases of certain types of illegal software or services can indicate pending attacks,” she said.

However, the researchers said the trend of multiple threat actors using the same malware is likely to complicate attribution of future attacks.

Computer Weekly

You Might Also Read:

US Dark Web Raids Lead to Arrests And Seizures:

Europe Is A Cybercrime Hub:

 

« Germany Wants A Legal Framework For Cyberwar
Cyber Audits Can Save Businesses $1.5m »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Avanan

Avanan

Avanan is The Cloud Security Platform. Protect all your SaaS applications using tools from over 60 industry-leading vendors in just one click.

Executive Women's Forum (EWF)

Executive Women's Forum (EWF)

The Executive Women's Forum is the largest member organization serving emerging leaders and influential female executives in the Information Security, Risk Management and Privacy industries.

StormWall

StormWall

StormWall is an Anti-DDoS protection service for websites and networks. We offer 100% protection from all types of DDoS attacks and 24/7 technical support.

Infosistem

Infosistem

Infosistem is a Croatian ICT company with extensive expertise and experience in enterprise and SMB ICT projects and solutions.

BELAC

BELAC

BELAC is the national accreditation body for Belgium.

SEEK

SEEK

SEEK create world-class technology solutions to address the needs of job seekers and hirers across multiple sectors including cybersecurity.

Dale Peterson

Dale Peterson

Dale Peterson, a leading ICS security and control system IT information expert, provides consulting services to assess and improve the security of SCADA and DCS.

Blockchain Reactor

Blockchain Reactor

Blockchain Reactor is a blockchain consultancy and implementation company providing cutting-edge blockchain solutions for start-ups and enterprises.

Clone Systems

Clone Systems

Clone Systems is an award winning global cloud based managed security as a service provider.

Militus

Militus

Militus provides the only information security service available that learns and analyzes your network over time using a custom-built network-based toolset.

DKBInnovative

DKBInnovative

DKBinnovative is a best-practice driven IT management firm that provides secure, reliable IT solutions to productivity-focused clients around the globe.

Akito

Akito

Akito was set up to become a point of reference in the ICT market for issues related to Security and in particular Cyber Security.

ST Engineering Antycip

ST Engineering Antycip

ST Engineering Antycip (formerly Antycip Simulation) is Europe’s leading provider of professional grade COTS simulation software, projection & display systems, and related engineering services.

xorlab

xorlab

xorlab is a Swiss cybersecurity company providing specialized, machine-intelligent defense against highly engineered, sophisticated and targeted email attacks.

Analygence

Analygence

ANALYGENCE is your trusted partner for mission support, cyber solutions, and management services.

Tidelift

Tidelift

Tidelift provides the tools, data, and strategies that help organizations assess risk and improve the health, security, and resilience of the open source used in their applications.