Bitcoin will do nicely -- the state of Russian cyber crime
Banking fraud is down, mobile threats are up and cryptocurrency is the preferred payment method in the world of Russian cyber criminals.
Fraud prevention and cyber crime investigation specialist Group-IB has released a report on the Russian high-tech crime market in 2014. The report provides detailed assessments of the who, what, where and how of high-tech crime, who is behind what crimes, where they originate and who they target.
"With recent cybersecurity events such as the leaks at JPMorgan, Home Depot, Target and others, it pays to know which threats matter and where to best allocate security resources," says Ilya Sachkov, CEO at Group-IB. "Having solid information on the exact nature of cybercrime attacks, and knowing the vulnerabilities that criminal target and exploit, is invaluable to protecting personal and corporate data. Our report provides readers with the knowledge to make smart security decisions".
The report identifies a number of key trends, banking fraud overall is down. Of eight criminal groups active in Russian online banking theft last year, two have switched to foreign targets and one was broken up following the 2014 arrest of one of its leaders. However, mobile banking threats are up as five criminal groups have emerged that specialize in mobile banking theft using Trojans. These groups infect Android phones and steal information via SMS banking and the use of phishing sites.
Attacks on financial institutions continue and groups targeting them have stolen about $40 million during the report period, using techniques including Trojans, phishing sites, and even assistance from inside personnel. ATMs are a popular target too either via physical attack or access to networks.
A look at the online black market in stolen card details -- known as SWIPED -- reveals that one individual uploaded details of over five million cards in the past year. Group-IB estimates the market in stolen cards at $680,000,000. Investigation of a test sample found that all sampled cards on offer were originally stolen from the retail chain Target, which suffered a security breach in the past year.
When it comes to payment hackers prefer virtual currencies. The report finds that 80 percent of payments on SWIPED are made using Bitcoin. The use of malware-based botnets to mine bitcoins has also become more widespread and stealing from cryptocurrency wallets using Trojans is also more sophisticated and commonplace.
None of this means that the old favorite cyber crimes are going away though. Group-IB still detects 10,000 stores selling fake pharmaceuticals via spam every month.
You can read more about the report's findings and look at its prediction of trends for the coming year on the Group-IB website.