The Shocking State of Cybercrime in Russia


INFOSEC Institute: The highest numbers of cybercrime victims are located in Russia, China and South Africa.

Stolen credit and debit cards account for over $680 million of the Russian cybercrime market, according to Group IB, a leading company in fraud prevention, cybercrime and hi-tech investigation. The group released its annual report on Wednesday, detailing the state of the Russian high-tech crime market in 2014.

Generally, the annual report gives a comprehensive assessment of “what, where and how of high-tech crime, naming which individuals and criminal groups are behind what crimes, where they originate and who they target,” says Group IB. “It also details how specific cybercrime practices function, including fraud, banking information theft and malware infections.”

“With recent cybersecurity events such as the leaks at JPMorgan, Home Depot, Target and others, it pays to know which threats matter and where to best allocate security resources,” says Ilya Sachkov, CEO at Group-IB. “Having solid information on the exact nature of cybercrime attacks, and knowing the vulnerabilities that criminals target and exploit, is invaluable to protecting personal and corporate data. Our report provides readers with the knowledge to make smart security decisions.”

It is not a surprise that security analysts think “Russian-speaking hackers are still one of the most important origins of global high-tech crime trends.” A look at the Russian market for stolen cards reveals a well-structured illegal market, complete with wholesalers and fully functional trading platforms. That implies that criminals shop for stolen credit and debit card information as if they were purchasing goods on eBay or Amazon. Group IB’s report revealed that an illegal trading platform known as SWIPED has uploaded details of over five million stolen cards. The majority of the cards were reportedly stolen from Target, a retail chain breached last year, and supplied by a notorious criminal known as Rescator.

Apparently, hackers in Russia use bitcoins for illegal payments. The report points out that over 80% of payments on SWIPED are made using bitcoins, with other cryptocurrencies slowly catching up. Cryptocurrencies are also popularly used in shadow internet shops to purchase goods such as drugs, weapons and stolen information.

Group IB also reported that the use of “malware-based botnets to mine bitcoins” was on an upward trend. Botnet renting services such as SkyShare are gaining wide popularity in the Russian market. Stealing from cryptocurrency wallets using Trojans has also become more sophisticated and common.

Threats related to mobile banking were on a rising trend. Group IB pinpointed five criminal gangs that were using Trojan horses to infect Android phones and steal banking information using SMS banking and phishing websites. Hackers were also using malware to read texts, eavesdrop on conversations and track victims’ location using GPS locators. “The scale of these thefts is limited only by the manual nature of the activity,” according to security experts.

A look at banking fraud revealed that hackers in Russia were making a killing by reprogramming ATMs, either physically or by infecting the network with malicious scripts that corrupt the machines into paying out larger-value notes than they should. In other cases, the malicious scripts collect the PINs and card numbers used on the compromised machines. The details are later used to withdraw from the accounts. The Group IB report reveals that one group stole over $1.2 million using the method.

Meanwhile, online banking fraud has reduced significantly, from $615 million last year to a record $425 million. The report shows that the number of Russian-speaking groups involved in online fraud had reduced from 8 to 5 in one year’s time. Two of the groups allegedly moved to foreign targets, while one was disbanded by law enforcement agencies.

More worrisome is the rise in spam fraud. Group IB reported over 10,000 new online stores selling pharmaceuticals, fake products and software. The majority of spam shops were selling fake, unlicensed pharmaceuticals. The stores collude with legitimate sellers to circumvent international payment rules prohibiting payment for unlicensed medical supplies. Spam fraud is worth a whopping $841 million, according to the report.

The report revealed that Russian hackers were skipping botnets in favor of more sophisticated DNS/NTP amplification attacks, which provide powerful attacks at a lower cost. Group IB recorded fewer DDoS attacks on government websites compared to the same period last year. DDoS attacks on banks and payment systems were on the rise.

The Group IB report clearly shows that cybercrime in Russia is on its own level, with an estimated turnover of more than $2 billion a year. Other reports have pinpointed Russia as the source of at least a third of the world’s most deadly viruses, Trojans and malware. “In terms of sophisticated types of malware, Russia leads the way,” says Kyle Wilhoit, an American cyber-security expert.

The Russian government is partly to blame for the booming cybercrime industry. Wilhoit says Russia has an unlimited number of organized cybercrime gangs that enjoy some level of protection when it comes to cybercrime. “Hackers only really get prosecuted when they attack targets inside Russia,” concludes Wilhoit.

Security Gladiators:  

 
