Business booms on the dark web as cybercriminals cash in

Cybercrime cash

Activity on dark web marketplaces that trade access to compromised networks has increased dramatically in the last year with sales up 50 percent, according to a new report by the threat research team at Lumu Technologies.

Criminal gangs are diversifying their monetization vehicles to extract maximum value from their efforts. Where in the past they would have been selling credit card and bank details, now access to mail servers, networks and more is on offer. Access to remote desktop protocols is particularly attractive.

In addition seemingly innocuous threats like cryptojacking, malware is increasingly being used by ransomware operators to probe and map out their target’s infrastructure.

Most ransomware attacks now begin with a 'lesser' compromise which can be easily launched through the access offered via a surge in the availability of enterprise user credentials. Certain malware strains such as Emotet and Zloader have become precursors to broader 'ransomware chain' attacks providing syndicate operators with another avenue to monetize their lower-level network incursions.

Attackers are also keen to extract maximum value from compromised networks by, for example, using the for cryptomining, launching spam campaigns and even reselling compromised infrastructure.

"We've seen at Lumu that ransomware attacks never happen in isolation," writes Lumu's Julian Brown on the company's blog. "There is always another type of threat like malware or a botnet that shows up first. The result is that there is no such thing as a 'minor threat'. One type of compromise can easily turn into another."

You can find out more and get the full report on the Lumu blog.

Image credit: Koldunov/depositphotos.com

Comments are closed.

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.