Does a life of cybercrime really pay, as per Armor’s Black Market Report (released yesterday), exposing the hacker underground and detailing popular tools and services cybercriminals are peddling, as well as what types of data hold the most value. For three months, Armor’s Threat Resistance Unit (TRU) research team compiled and analyzed data from the black market to shed light on the type of activity threat actors are participating in and how underground forums operate in the burgeoning industry. Ilia Kolochenko, CEO at High-Tech Bridge commented below.
Ilia Kolochenko, CEO at High-Tech Bridge:
“Unfortunately, there nothing substantially new in the report. A great wealth of Cybercrime-as-a-Service offerings have existed for a while already, let alone exploit, malware and stolen data markets that are more than fifteen years old.
Some additional technical details would also be helpful. For example, a WordPress exploit can easily cost a 5-figure amount depending on the vulnerability’s criticity, exploitability and its public status (i.e. if it’s a 0day or not). For $100, you will unlikely buy anything of decent quality but an SQL injection in an unpopular plugin.
Most of these publicly-traded goods and services are of a very lousy quality. Backdoors and trojans are usually based on the same engine, slightly modified or improved. Stolen data is a mix of several dumps from different data breaches or leaks. Many fraudsters sell overt fakes or garbage. While professional cybercriminals usually deal via private channels, established for many years and very well camouflaged on legitimate systems, beyond cybersecurity companies and law enforcement’s field of vision. With cryptocurrencies, money laundering problems virtually disappeared and cybercriminals may enjoy their growing wealth without fear.”
