The Shocking State of Cybercrime in Russia


INFOSEC Institute: The highest numbers of cybercrime victims are located in Russia, China and South Africa.

Stolen credit and debit cards account for over $680 million of the Russian cybercrime market, according to Group IB, a leading company in fraud prevention, cybercrime and hi-tech investigation. The group released its annual report on Wednesday, detailing the state of the Russian high-tech crime market in 2014.

Generally, the annual report gives a comprehensive assessment of “what, where and how of high-tech crime, naming which individuals and criminal groups are behind what crimes, where they originate and who they target,” says Group IB. “It also details how specific cybercrime practices function, including fraud, banking information theft and malware infections.”

“With recent cybersecurity events such as the leaks at JPMorgan, Home Depot, Target and others, it pays to know which threats matter and where to best allocate security resources,” says Ilya Sachkov, CEO at Group-IB. “Having solid information on the exact nature of cybercrime attacks, and knowing the vulnerabilities that criminals target and exploit, is invaluable to protecting personal and corporate data. Our report provides readers with the knowledge to make smart security decisions.”

It is not a surprise that security analysts think “Russian-speaking hackers are still one of the most important origins of global high-tech crime trends.” A look at the Russian market for stolen cards reveals a well-structured illegal market, complete with wholesalers and fully functional trading platforms. That implies that criminals shop for stolen credit and debit card information as if they were purchasing goods on eBay or Amazon. Group IB’s report revealed that an illegal trading platform known as SWIPED has uploaded details of over five million stolen cards. The majority of the cards were reportedly stolen from Target, a retail chain breached last year, and supplied by a notorious criminal known as REscator.

Apparently, hackers in Russia use bitcoins for illegal payments. The report points out that over 80% of payments on SWIPED are made using bitcoins, with other cryptocurrencies slowly catching up. Cryptocurrencies are also popularly used in shadow internet shops to purchase goods such as drugs, weapons and stolen information.

Group IB also reported that the use of “malware-based botnets to mine bitcoins” was on an upward trend. Botnet renting services such as SkyShare are gaining wide popularity in the Russian market. Stealing from cryptocurrency wallets using Trojans has also become more sophisticated and common.

Threats related to mobile banking were on a rising trend. Group IB pinpointed five criminal gangs that were using Trojan horses to infect Android phones and steal banking information using SMS banking and phishing websites. Hackers were also using malware to read texts, eavesdrop on conversations and track victims’ locations using GPS locators. “The scale of these thefts is limited only by the manual nature of the activity,” according to security experts.

A look at banking fraud revealed that hackers in Russia were making a killing by reprogramming ATMs, either physically or by infecting the network with malicious scripts that corrupt the machines so that they pay out larger-value notes than they should. In other cases, the malicious scripts collect PINs and card numbers used on the compromised machines. The details are later used to withdraw from the accounts. The Group IB report reveals that one group stole over $1.2 million using the method.

Meanwhile, online banking fraud has reduced significantly, from $615 million last year to a record $425 million. The report shows that the number of Russian-speaking groups involved in online fraud had reduced from 8 to 5 in one year’s time. Two of the groups allegedly moved to foreign targets, while one was disbanded by law enforcement agencies.

More worrisome is the rise in spam fraud. Group IB reported over 10,000 new online stores selling pharmaceuticals, fake products and software. The majority of spam shops were selling fake, unlicensed pharmaceuticals. The stores collude with legitimate sellers to circumvent international payment rules prohibiting payment for unlicensed medical supplies. Spam fraud is worth a whopping $841 million, according to the report.

The report revealed that Russian hackers were moving away from botnets in favor of more sophisticated DNS/NTP amplification attacks, which provide powerful attacks at a lower cost. Group IB recorded fewer DDoS attacks on government websites compared to the same period last year. DDoS attacks on banks and payment systems were on the rise.

The Group IB report clearly shows that cybercrime in Russia is on its own level, with an estimated annual turnover of more than $2 billion. Other reports have pinpointed Russia as the source of at least a third of the world’s most deadly viruses, Trojans and other malware. “In terms of sophisticated types of malware, Russia leads the way,” says Kyle Wilhoit, an American cyber-security expert.

The Russian government is partly to blame for the booming cybercrime industry. Wilhoit says Russia has an unlimited number of organized cybercrime gangs that enjoy some level of protection when it comes to cybercrime. “Hackers only really get prosecuted when they attack targets inside Russia,” concludes Wilhoit.

Security Gladiators:  

 
