The North American cyber-criminal underground it’s easy to access!

Pierluigi Paganini December 09, 2015

According to a new report published by Trend Micro, the North American cyber criminal underground is very easy to access.

The new report released by Trend Micro reveals that the cyber criminal underground market in North America isn’t so hidden like in other countries.

“It doesn’t exist in the dark web as much as other undergrounds do, or practice as much security,” ,”Essentially, it’s become a gun show for everyone as long as they can participate and are willing to pay.” says Tom Kellermann, chief cybersecurity officer at Trend Micro.

“The North American Underground primarily caters to customers within the region–users based in the United States (US) and Canada. Unsurprisingly, most of the offerings (stolen accounts, products and services, and fake documents) are US based. This is consistent with what we see in the Japanese1 and Brazilian2 undergrounds and suggests that US-based information is most sought after in it.” states the report.

Gigging in the underground markets users can buy, guns, drugs, hacking services, bulletproof vests, and even money laundering services or maybe hire a murder.

It could be useful to help different criminal activities, tradition organized criminals are becoming “cyber aware” and now do their business through the internet.

“We’ve done studies and exposes of the most significant undergrounds in the world,” “The U.S. underground doesn’t practice operational security. They’ve essentially become a shopping mall.”

Of course, law enforcement is aware of this trend and probably in the future more of these underground markets in response to the increasing pressure of the authorities will migrate to the darkweb, where they would be more protected.

In the decade of 2000, law enforcement agencies were doing very well, and almost every U.S cyber-criminal underground was dismantled, but in the last 3 years, the criminal underground market did a came back and its getting stronger.

“It’s larger because it’s providing a wider multiplicity of goods and services,”. “They’re there for the drugs, weapons, passports, stolen cards, and murder for hire.

Looking at the numbers, it can be seen that drugs it’s the popular item in the criminal underground ecosystem, getting 62% of the market, but also its interesting to see that stolen data dumps account gets 16%, fake documents 4%, weapons 2%, and murder for hire 1%.

North America criminal Underground Trend Micro

North America criminal Underground Trend Micro drugs

In terms of “murder for hire“, you have some options available like a simple beating for $3,000, or an “accidental death” for $900,000.

The last bit that we hadn’t covered yet was the crimeware that takes 15% of the market and include things like, buying malware, hacking services.

Other best seller besides drugs are malware, and the service provider for the malware does his homework, encrypting the malware multiple times as needed until the malware can pass undetectable through the endpoint products.

“it’s why targeted attacks have become so prevalent,”,”They will make sure their attacks cannot be stopped by perimeter defenses.”

North America criminal Underground Trend Micro crimaware offer

North America criminal Underground Trend Micro stolen card data

Talking about differences in countries, Kellerman explains:

“In the Russian or Chinese underground, they won’t sell you the back door into the system,”,”That’s a North American phenomenon. It’s like, I broke into a house last night, I made a duplicate of the key. You want it, you got it.”

One of the main reasons why nowadays we read about the cyber criminal underground in the news is because doing illegal activities in the cyberspace is becoming even more easy and cheap.

The model of sale known as crime-as-a-service is attracting the organized crime and is allowing a rapid growth of illegal activities online.

About the Author Elsio Pinto

Elsio Pinto (@high54security) is at the moment the Lead McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog http://high54security.blogspot.com/
[adrotate banner=”9″] [adrotate banner=”12″]

Edited by Pierluigi Paganini

(Security Affairs – cybercrime, criminal underground)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment