Trend Micro, a cybersecurity solutions provider, has released new data on cybercrime operations and patterns for underground purchases and sales of goods and services
Trust has eroded among criminal interactions, causing a switch to e-commerce platforms and communication using Discord, which both increase user anonymisation.
Moataz Binali, vice-president for Trend Micro Middle East and North Africa, said, “This report highlights the threat intelligence we collect and analyse from global cybercriminal networks that enables us to alert, prepare and protect our corporate customers and partners.
“This research helps us inform businesses early about emerging threats, such as Deepfake ransomware, AI bots, Access-as-a-Service and highly targeted SIM-swapping. A layered, risk-based response is vital for mitigating the risk posed by these and other increasingly popular threats.”
The report reveals that determined efforts by law enforcement appear to be having an impact on the cybercrime underground. Global police entities have taken down several forums, and the remaining forums are experiencing persistent DDoS attacks and problems of logging in that impact on their usefulness.
Loss of trust has led to the creation of a new site called DarkNet Trust, created to verify vendors and increase anonymity of users. Other underground markets have introduced new security measures, such as direct buyer-to-seller payments, multi-signatures for cryptocurrency transactions, encrypted messaging and a JavaScript ban.
The report also reveals the shifting trends in the cybercrime products and services market since 2015. Commoditisation has driven down prices for a lot of items. For example, crypting services fell from US$1,000 to just US$20 per month, while the price of generic botnets dropped from US$200 to US$5 per day.
Pricing remained stable for other items, including ransomware, Remote Access Trojans (RATs), online account credentials, and spam services, which indicates continuing demand.
Trend Micro Research, however, has seen a high demand for other services, like IoT botnets, with new undetected variants of malware selling for as much as US$5,000. Fake news and cyber-propaganda services are also popular, with voter databases selling for hundreds of dollars, and gaming accounts for games such as Fortnite can get an average of around US$1,000.
