The Russian cyber underground has evolved from a shady arms bazaar to a sophisticated, professional online business with automated sales processes, customer service and a level of efficiency that resembles a legitimate organisation.
That's according to a recent report from Trend Micro called Russian Underground 2.0 which notes the Russian underground established itself via forums where cyber criminals in need could find whatever they needed to get their enterprises started.
Trend Micro says the underground is a place where cyber criminals can shop for all kinds of products and services that aid them in crafting and implementing malicious schemes. They no longer need to bother about developing code themselves, it adds.
According to the security solutions vendor, the Russian underground was the first market of its kind. It offered crimeware to criminals and established itself via forums sometime in 2004. Over the years, Trend Micro has been tracking how various underground markers are set up across countries while analysing developments and changes that happen in some of them.
The report discovered professionalisation and improved customer experience in the Russian cyber underground, with stolen credentials and exploits being built and sold in ways closely resembling legitimate business transactions.
Market expansion was another finding. Trend Micro says offerings are constantly expanding with new illegal tools and resources. Translation services are now available to help cyber criminals expand globally.
It points out with bulletproof hosting services providing infrastructure and anonymity to cyber criminals, as well as the increasingly user-friendly nature of these platforms, anyone with an interest in cyber crime can find the right partners and tools needed to execute their next scheme.
Bulletproof hosting servers represent the favourite hideouts for cyber criminals, says Trend Micro, adding these allow cyber criminals to host malicious activities while putting on the appearance of legitimacy and operating out of countries with lax laws to avoid authorities.
"Cyber crime has evolved in complexity and organisation capacity and, as with any underground malicious activity, estimating the precise scale of the underground business is tricky," says Ihab Moawad, vice-president MMEA and CIS at Trend Micro.
He explains that the Trend Micro research team has based its estimates around the size of the underground on the number of forums in it or how many threads a day each community member generates.
"In addition to this, they take into consideration the volume of activities and cyber traffic they see. The number of Russian underground forums, however, continues to increase each year."
Moawad adds the Russian underground was created via forums where cyber criminals in need could find whatever they needed to get their enterprises started.
"It was the first market of its kind, however, over the years since it was established, roughly 2004, our researchers have been tracking how various underground markers are set up across countries while analysing developments and changes that happen in some of them. Among them, the Russian market still holds the pioneer status."
Share