The Shocking State of Cybercrime in Russia

Uploaded on 2015-09-22 in INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-Law Enforcement, FREE TO VIEW, NEWS-Cybersecurity News

011413_2001_Cybercrimea2.png

INFOSEC Institute: The highest numbers of cybercrime victims are located in Russia, China and South Africa.

Stolen Credit and Debit card constitute over $680 million in Russia Cybercrime market according to Group IB – a leading company in fraud prevention, cybercrime and hi-tech investigation. The Group released their annual report on Wednesday detailing the state of the Russian High-tech crime market in 2014.

Generally, the annual report gives a comprehensive assessment of “what, where and how of high-tech crime, naming which individuals and criminal groups are behind what crimes, where they originate and who they target.” Says Group IB. “It also details how specific cybercrime practices function, including fraud, banking information theft and malware infections.”
“With recent cybersecurity events such as the leaks at JPMorgan, Home Depot, Target and others, it pays to know which threats matter and where to best allocate security resources,” says Ilya Sachkov, CEO at Group-IB. “Having solid information on the exact nature of cybercrime attacks, and knowing the vulnerabilities that criminal target and exploit, is invaluable to protecting personal and corporate data. Our report provides readers with the knowledge to make smart security decisions”.

It is not a surprise that security analysts think “Russian-speaking hackers are still one of the most important origins of global high-tech crime trends.” A look at Russian market for stolen card in reveals a well-structured illegal market, complete with wholesalers and fully functional trading platforms. That implies that criminals   shop for stolen credit and debit card information as if they were purchasing goods on eBay or Amazon. Group IB’s report revealed that illegal trading platform know as SWIPED has uploaded details of over five million stolen cards. Majority of the card were reportedly stolen form Target – a retail chain breached last year and supplied by a notorious criminal known as REscator.s

Apparently hackers in Russia use bitcoins for illegal payments. The report points out that over 80% of payments on SWIPED are made using bitcoins with other crypto currencies slowly catching up. Crypto currencies are also popularly used in shadow internet shops to purchase goods such as drugs, weapons and stolen information.

Group IB also reported the use “malware-based botnets to mine bitcoins” was on an upward trend. Botnet renting services such as SkyShare are gaining wide popularity in the Russian market. Stealing from cryptocurrency wallets using Trojans has also become more sophisticated and common.

Threats related to mobile banking were on a rising trend.  Group IB pin pointed five criminal gangs that were using Trojan horses to infect android phones and steal banking information using SMS banking and phishing websites. Hackers were also using malware to read texts, eavesdrop on conversations and track victims’ location using GPS Locators. “The scale of these thefts is limited only by the manual nature of the activity,” according to security experts.
A look at the banking fraud revealed , that hackers in Russia were making a kill by reprogramming ATM machines either physically or by infecting the network with malicious scripts that corrupts the machines to pay larger values notes than they should. In other cases the malicious scripts collects PIN numbers and card numbers used on the compromised machines. The details are later used to withdraw from the accounts. The Group IB report reveals that one group stole over $1.2 million using the method.

Meanwhile, Online banking fraud has reduced significantly from $615million last to a record $425 million .The report shows that the number of Russian Speaking groups involved in online fraud a had reduced from 8 to 5 in one years’ time. Two of the group’s allegedly moved to foreign targets while one was disbanded by law enforcement agencies.
More worrisome is the rise in spam fraud. Group IB reported over 10,000 new online stores selling pharmaceuticals, fake products and software. Majority of spam shops were selling fake unlicensed pharmaceuticals.  The stores collude with legitimate sellers to circumvent international payments rules prohibiting payment of unlicensed medical supplies. The spam Fraud is worth a whopping $841 million according to the report.

The reports revealed Russian hackers were skimming past botnets in favor of more sophisticated DNS/NTP amplification attacks, which provide powerful attacks at a lower cost. Group IB recorded lower DDos attacks on government websites compared to the same period last year. DDoS attacks on banks and payment systems were on the rise.
The Group IB report clearly shows, cybercrime in Russia is on its own level, with an estimated annual turnover of more than $2billion a year. Other reports have pinpointed Russia as the source of at least a third of the world most deadly virus, Trojan and Malicious malwares. “In terms of sophisticated types of malware, Russia leads the way,” says Kyle Wilhoit, an American cyber-security expert.

The Russian government is partly to blame for the booming cybercrime industry. Wilhoits says Russia has an unlimited number of organized cybercrime gang who enjoy some level of protection when it comes to cybercrime. “Hackers only really get prosecuted when they attack targets inside Russia,” concludes Wilhoit.

Security Gladiators:  

 

« Why Aren’t Companies Using Military Security?
Using Threat Intelligence Against Cybercriminals »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Virtual Security

Virtual Security

Virtual Security provides solutions in the field of managed security services, network security, secure remote work, responsible internet, application security, encryption, BYOD and compliance.

Kent Interdisciplinary Research Centre in Cyber Security (KirCCS) - University of Kent

Kent Interdisciplinary Research Centre in Cyber Security (KirCCS) - University of Kent

KirCCS harnesses expertise across Kent University to address current and potential cyber security challenges.

SGCyberSecurity

SGCyberSecurity

SGCyberSecurity is Singapore's No.1 Cyber Security portal. From this platform, you will be able to find useful articles, resources and connect with the security companies for your business needs.

Department of Justice - Office of Cybercrime (DOJ-OOC)

Department of Justice - Office of Cybercrime (DOJ-OOC)

The Office of Cybercrime within the Philippines Department of Justice is the Central Authority in all matters relating to international mutual assistance and extradition for cybercrime.

Crosser

Crosser

The Crosser Platform enables real-time processing of streaming or batch data for Industrial IoT, Data Transformation, Analytics, Automation and Integration.

NetSecurity

NetSecurity

NetSecurity is a Brazilian company specializing in Information Security. We provide Managed Security Services (MSS), network security solutions and other specialist services.

Right-Hand Cybersecurity

Right-Hand Cybersecurity

Right-Hand Cybersecurity empowers businesses to monitor, measure and mitigate employee induced cyber risks in real-time.

Edureka

Edureka

Edureka is an online technology training provider with the most effective learning system in the world. We help professionals learn trending technologies for career growth.

MazeBolt Technologies

MazeBolt Technologies

Israel-based MazeBolt is an innovation leader in cybersecurity, with over two decades of experience in pioneering DDoS protection solutions.

Yoti

Yoti

Yoti offer a suite of business solutions that span identity verification, age estimation, e-signing and AI anti-spoofing technologies.

Gray Analytics

Gray Analytics

Gray Analytics is a Cybersecurity Risk Management company providing best-practice services across a broad spectrum of cyber scenarios for both government and commercial customers.

Qohash

Qohash

With a focus on data security, Qohash supports security, compliance and optimization use cases enhancing your risk management process.

DeNexus

DeNexus

DeNexus is the leading provider of cyber risk modeling for industrial networks. Our Mission is to build the Global Standard for Industrial Cyber Risk Quantification.

PA Consulting

PA Consulting

PA Consulting Group is a consultancy that specialises in strategy, technology and innovation. Our cyber security experts work with you to spot digital and technology security risks and reduce them.

Hawk AI

Hawk AI

Hawk AI’s mission is to help financial institutions detect financial crime more effectively and efficiently using AI to enhance rules and find anomalies.

GeoComply

GeoComply

GeoComply provides fraud prevention and cybersecurity solutions that detect location fraud and help verify a user's true digital identity.

ConductorOne

ConductorOne

ConductorOne is building the identity security platform for the modern workforce.