Date:26/07/18
Malware writers have been using a free market model to sell their wares for some time. The success of this approach is clear from new research by Positive Technologies that finds demand for malware creation on the dark web is three times greater than supply.
Demand for malware distribution is twice the supply. This mismatch of supply and demand has led to interest among criminals in new tools, which are becoming more readily available in the form of partner programs that include malware-as-a-service and malware distribution-for-hire.
The analysis included 25 dark web sites, in Russian and English, with a total registered user base of approximately three million people. The researchers' looked at the completeness of dark web offerings (whether the advertised tools and services would be enough for a real attack) and the falling barriers to entry.
The costs of cybercrime continue to fall, compromising a site and obtaining full control over a web application may cost a mere $150. A targeted attack on an organization, depending on difficulty, can cost more than $4,500. The most expensive software was malware for ATM logic attacks, with prices starting at $1,500.
The leading type of malware available is cryptominers (20 percent of the total), followed by hacking utilities (19 percent), botnet malware (14 percent), Remote Access Trojans (RATs) (12 percent), and ransomware (12 percent). The majority of malware demand (55 percent) is for creation and distribution.
Most hack-for-hire requests involve finding site vulnerabilities (36 percent) and obtaining email passwords (32 percent). From sellers, the most commonly-offered services are hacking social network accounts (33 percent) and email (33 percent).
"This research shows a burgeoning and evolving dark web market for cybercrime," says Leigh-Anne Galloway, cyber security resilience lead at Positive Technologies. "As a consequence, approaches to cyberincident investigations have to adapt accordingly. It is important to take these findings into account when analyzing the techniques and tactics used for any particular incident. To have a deep understanding of attacker toolkits, defenders have to study the trends and tools found on the dark web before they show up on client systems. Perhaps dark web intelligence will even involve enabling preventive action, as increasing purchases of certain types of illegal software or services can indicate pending attacks."
Demand for dark web malware exceeds supply
Malware writers have been using a free market model to sell their wares for some time. The success of this approach is clear from new research by Positive Technologies that finds demand for malware creation on the dark web is three times greater than supply.Demand for malware distribution is twice the supply. This mismatch of supply and demand has led to interest among criminals in new tools, which are becoming more readily available in the form of partner programs that include malware-as-a-service and malware distribution-for-hire.
The analysis included 25 dark web sites, in Russian and English, with a total registered user base of approximately three million people. The researchers' looked at the completeness of dark web offerings (whether the advertised tools and services would be enough for a real attack) and the falling barriers to entry.
The costs of cybercrime continue to fall, compromising a site and obtaining full control over a web application may cost a mere $150. A targeted attack on an organization, depending on difficulty, can cost more than $4,500. The most expensive software was malware for ATM logic attacks, with prices starting at $1,500.
The leading type of malware available is cryptominers (20 percent of the total), followed by hacking utilities (19 percent), botnet malware (14 percent), Remote Access Trojans (RATs) (12 percent), and ransomware (12 percent). The majority of malware demand (55 percent) is for creation and distribution.
Most hack-for-hire requests involve finding site vulnerabilities (36 percent) and obtaining email passwords (32 percent). From sellers, the most commonly-offered services are hacking social network accounts (33 percent) and email (33 percent).
"This research shows a burgeoning and evolving dark web market for cybercrime," says Leigh-Anne Galloway, cyber security resilience lead at Positive Technologies. "As a consequence, approaches to cyberincident investigations have to adapt accordingly. It is important to take these findings into account when analyzing the techniques and tactics used for any particular incident. To have a deep understanding of attacker toolkits, defenders have to study the trends and tools found on the dark web before they show up on client systems. Perhaps dark web intelligence will even involve enabling preventive action, as increasing purchases of certain types of illegal software or services can indicate pending attacks."
Views: 694
©ictnews.az. All rights reserved.
Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World
