The Shocking State of Cybercrime in Russia


INFOSEC Institute: The highest numbers of cybercrime victims are located in Russia, China and South Africa.

Stolen credit and debit cards account for over $680 million of the Russian cybercrime market, according to Group IB, a leading company in fraud prevention, cybercrime and hi-tech investigation. The group released its annual report on Wednesday, detailing the state of the Russian high-tech crime market in 2014.

Generally, the annual report gives a comprehensive assessment of “what, where and how of high-tech crime, naming which individuals and criminal groups are behind what crimes, where they originate and who they target,” says Group IB. “It also details how specific cybercrime practices function, including fraud, banking information theft and malware infections.”

“With recent cybersecurity events such as the leaks at JPMorgan, Home Depot, Target and others, it pays to know which threats matter and where to best allocate security resources,” says Ilya Sachkov, CEO at Group-IB. “Having solid information on the exact nature of cybercrime attacks, and knowing the vulnerabilities that criminals target and exploit, is invaluable to protecting personal and corporate data. Our report provides readers with the knowledge to make smart security decisions.”

It is not a surprise that security analysts think “Russian-speaking hackers are still one of the most important origins of global high-tech crime trends.” A look at the Russian market for stolen cards reveals a well-structured illegal market, complete with wholesalers and fully functional trading platforms. That implies that criminals shop for stolen credit and debit card information as if they were purchasing goods on eBay or Amazon. Group IB’s report revealed that an illegal trading platform known as SWIPED has uploaded details of over five million stolen cards. The majority of the cards were reportedly stolen from Target, a retail chain breached last year, and supplied by a notorious criminal known as Rescator.

Apparently, hackers in Russia use bitcoins for illegal payments. The report points out that over 80% of payments on SWIPED are made using bitcoins, with other cryptocurrencies slowly catching up. Cryptocurrencies are also popularly used in shadow internet shops to purchase goods such as drugs, weapons and stolen information.

Group IB also reported that the use of “malware-based botnets to mine bitcoins” was on an upward trend. Botnet renting services such as SkyShare are gaining wide popularity in the Russian market. Stealing from cryptocurrency wallets using Trojans has also become more sophisticated and common.

Threats related to mobile banking were on a rising trend. Group IB pinpointed five criminal gangs that were using Trojan horses to infect Android phones and steal banking information using SMS banking and phishing websites. Hackers were also using malware to read texts, eavesdrop on conversations and track victims’ location using GPS locators. “The scale of these thefts is limited only by the manual nature of the activity,” according to security experts.

A look at banking fraud revealed that hackers in Russia were making a killing by reprogramming ATM machines, either physically or by infecting the network with malicious scripts that corrupt the machines so that they pay out larger-value notes than they should. In other cases, the malicious scripts collect the PIN numbers and card numbers used on the compromised machines. The details are later used to withdraw from the accounts. The Group IB report reveals that one group stole over $1.2 million using the method.

Meanwhile, online banking fraud has reduced significantly, from $615 million last year to a record $425 million. The report shows that the number of Russian-speaking groups involved in online fraud had reduced from 8 to 5 in one year’s time. Two of the groups allegedly moved to foreign targets, while one was disbanded by law enforcement agencies.

More worrisome is the rise in spam fraud. Group IB reported over 10,000 new online stores selling pharmaceuticals, fake products and software. The majority of spam shops were selling fake, unlicensed pharmaceuticals. The stores collude with legitimate sellers to circumvent international payment rules prohibiting payment for unlicensed medical supplies. The spam fraud is worth a whopping $841 million, according to the report.

The report revealed that Russian hackers were passing over botnets in favor of more sophisticated DNS/NTP amplification attacks, which provide powerful attacks at a lower cost. Group IB recorded fewer DDoS attacks on government websites compared to the same period last year. DDoS attacks on banks and payment systems were on the rise.

The Group IB report clearly shows that cybercrime in Russia is on its own level, with an estimated annual turnover of more than $2 billion. Other reports have pinpointed Russia as the source of at least a third of the world’s most deadly viruses, Trojans and other malware. “In terms of sophisticated types of malware, Russia leads the way,” says Kyle Wilhoit, an American cyber-security expert.

The Russian government is partly to blame for the booming cybercrime industry. Wilhoit says Russia has an unlimited number of organized cybercrime gangs who enjoy some level of protection when it comes to cybercrime. “Hackers only really get prosecuted when they attack targets inside Russia,” concludes Wilhoit.

Security Gladiators:  

 
