Cyber Crime Underground Runs Like Regular Business
The North American cybercriminal underground is not hidden or exclusive, as it is in other countries, according to Trend Micro Incorporated’s report, “North American Underground: The Glass Tank.”
While cybercriminals in other parts of the world operate in secrecy, North American cybercrime operations are not afraid to sell goods in the open, including drugs, crimeware, stolen data, and other illicit products and services. The markets are competitive, as there are many vendors that sell the same products. Since competition is strong, North American cybercriminals will advertise goods on the Surface Web, advertising on forums and YouTube.
While advertisements are out in the open, transactions involve several steps, including virtual currency and exchanges, to maintain a buyer and seller’s anonymity.
Other key findings include:
- Many forums in the North American market sell hacking tools, also called “crimeware.”
- Crypting services are some of the most important tools in the underground industry. These service providers can determine which security products can flag a code as “malicious.” From there, they can encrypt the malware so that it avoids detection.
- Credit card credentials are popular products, but clones or copies of stolen credit cards are also sold.
- Drugs are available, and buying online keeps these purchases anonymous.
- The weapons marketplace allows foreign contacts to deliver goods outside of North America.
“The high level of sophistication of the services and tools we found in the North American underground allows cybercriminals to thrive across the spectrum of expertise,” said Raimund Genes, CTO, Trend Micro. “With illegal goods and services spanning the physical and virtual realm, ranging from advanced malware to narcotics, this marketplace is of particular concern. As such it is no surprise we’ve seen a concentration of law enforcement activity in the underground which can lead to arrests and prosecution of its users.”