sb-as logo
Story image

Cybercriminals seeking greater anonymity online, Trend Micro states

Cybercriminals have switched to ecommerce platforms and communication using Discord for greater anonymity, according to new research from Trend Micro.

New data from the company, which looks specifically at cybercriminal interactions and patterns for buying and selling goods and services on the black market, highlights the impact law enforcement has had on criminal interactions.

The report reveals that efforts by law enforcement have resulted in several forums being taken down by global police entities, and remaining forums experiencing persistent DDoS attacks and log-in problems, which in turn impact their usefulness.

This has led to the creation of a new site called DarkNet Trust, which was created to verify vendors' and increase user anonymity, Trend Micro states.

Other underground markets have launched new security measures, such as direct buyer-to-vendor payments, multi-signatures for cryptocurrency transactions, encrypted messaging, and a ban on JavaScript, according to the company.

In addition, the report also reveals the changing market trends for cybercrime products and services since 2015.

For one, commoditisation has driven prices down for many items. For example, crypting services fell from US$1,000 to just $20 per month, while the price of generic botnets dropped from $200 to $5 per day.

Pricing for other items, including ransomware, Remote Access Trojans (RATs), online account credentials and spam services, remained stable, which indicates continued demand.

However, Trend Micro research has seen high demand for other services, such as IoT botnets, with new undetected malware variants selling for as much as $5,000.

Also popular are fake news and cyber-propaganda services, with voter databases selling for hundreds of dollars, and gaming accounts for games like Fortnite can fetch around $1,000 on average.

Other notable findings include: the emergence of markets for Deepfake services for sextortion or to bypass photo verification requirements on some sites; AI-based gambling bots designed to predict dice roll patterns and crack complex Roblox CAPTCHA; and Access-as-a-Service for hacked devices and corporate networks.

Furthermore, prices for Fortune 500 companies can reach up to US$10,000 with services including access with read and write privileges, and wearable device accounts are being used for warranty scams that request for replacement devices.

Trend Micro head of consulting Hong Kong and Macau Tony Lee says, “This report highlights the threat intelligence we collect and analyse from global cybercriminal networks that enables us to alert, prepare and protect our corporate customers and partners.

"This research helps us inform businesses early about emerging threats, such as Deepfake ransomware, AI bots, Access-as-a-Service and highly targeted SIM-swapping. A layered, risk-based response is vital for mitigating the risk posed by these and other increasingly popular threats.”

Looking forward, Trend Micro states in the months following the global COVID-19 pandemic attack opportunities will continue to evolve.

To protect against the ever-changing threat landscape, Trend Micro recommends a multi-layered defense approach to protect against the latest threats and mitigate corporate security risk.

Story image
Cybersecurity market continues meteoric ascent - damages to reach $6 trillion
With the increase in cyberattacks, organisations are continuing to spend more money on security. However, without a focused cybersecurity strategy, they often spend it in the wrong areas.More
Story image
Video: 10 Minute IT Jams - protecting data with user behaviour analytics
In this video, Forcepoint senior sales engineer and solutions architect Matthew Bant discusses the company's DLP solution, the importance of integrating compliance into security solutions, and why cybersecurity strategies should take a more people-based approach.More
Story image
Network visibility is the crux of security in 2020
Resilience sits at the heart of security, and there is a need for organisations’ architecture, processes and strategies to be more impervious in order to continue to ensure protection, writes Gigamon A/NZ manager George Tsoukas.More
Story image
NVIDIA backs the future of hardware-based zero trust security
Check Point’s Infinity NEXT architecture will support NVIDIA DPUs by providing zero trust security. More
Story image
Palo Alto Networks launches new SD-WAN solutions and enhancements
Palo Alto Networks has introduced two new SD-WAN appliances and enhancements to its next-generation SD-WAN solution, expanding the company’s CloudGenix SD-WAN solutions reach.More
Story image
Security and operations collaboration key to success post COVID-19
“We are in an ultra-hybrid world with multi-everything, and in order to successfully navigate this landscape, ITOps, DevOps, and SecOps teams need to more closely align."More