The last report published by Trend Micro is full of interesting information about the Middle East and North African cybercrime underground marketplaces.
“The most interesting driver here is the deep permeation of religious influence – from what is sold to how users and sellers interact,” explained Ed Cabrera, chief cybersecurity officer for Trend Micro.
Even if the Middle East and North African cybercrime underground are young it is rapidly increasing, making this ecosystem very dangerous due to future attacks powered by its actors.
The research was conducted in the period between July 2016 and December 2016, the researchers focused their investigation on the kind of merchandise available for sale in these black markets and their price lists.
The vast majority of products and services available in these marketplaces is the same that is available elsewhere, such as malware, hacking services, credit card and credential dumps, and stolen identity information.
“The marketplaces are also rife with do-it-yourself kits that provide the resources that even beginners can use to launch their own cyber criminal business. Developers typically sell their malware either as a single binary, or a bundle of binary and builder; and in some cases, access to a command-and-control (C&C) infrastructure.” continues the report.
Another element that characterized these black market is the low presence of weapons or drugs, visitors looking to buy these items were directed to forums in the North American underground instead.
Giving a look at the price list of the underground offering, markets in this area tended to be more expensive than in other regions.
Keylogger goes for $19 in Middle Eastern and North African forums, much more expensive than elsewhere, in the North American underground, it is possible to buy them for between $1 and $4.
The same is for credit card data, as usual, the final price depends on the country origin.
The stolen credentials and online accounts are also much more expensive, these commodities are very attractive for hackers that use them to access e-commerce
accounts and hijack government-owned systems and servers with weak authentication.
The following table shows that the highest price is for PayPal accounts belonging to Israeli users, they go for $50.
Port numbers for Internet-connected SCADA system were available for free in the criminal underworld in this region, while a WannaCry sample was available for just $50.
Let me stop here and suggest you read this excellent report.
|[adrotate banner=”9″]||[adrotate banner=”12″]|
(Security Affairs – North African cybercrime underground, cybercrime)