January 25, 2022 5:30 pm

Attacks on companies and institutions, the new business with which they are lining up on the Dark Web




Cybercrime has continued to develop by leaps and bounds in times of pandemic. Those in which cyber scams and the exploitation of vulnerabilities have become more common than ever. In recent months, new types of cybercriminals have even appeared. Some also promise to reformulate a business that, for a long time, generates hundreds of billions of euros in losses every year. This is the case, for example, of criminals dedicated, specifically, to sell violated credentials or direct access to companies and institutions of all types and sizes. A thriving business model that is developed in underground forums of the ‘Dark Web‘.

Cybersecurity company Trend Micro recently conducted a
about the phenomenon. For its development, it has investigated more than 900 access lists from January to August 2021 from multiple cybercrime forums in English and Russian. «In the second half of 2020 the phenomenon begins to emerge timidly, but they do not become frequent until this year. We have seen that now there are criminal forums that directly have a section dedicated to buying and selling accesses “, David Sancho, threat researcher at Trend Micro and co-author of the study, explains to ABC.

These cybercriminals, in effect, are dedicated to providing the means for malicious third parties to access the targets and ‘hack’ them. They are not affiliated with any specific cybercriminal group; they simply find a way to attack a company and institution and offer it for a price that varies according to the size and interest of the victim. According to the Trend Micro study, the cheapest accesses remain in the 10 dollars, although the average price moves around 8,500. Some, the most interesting, reach 100,000.

Cybercriminals specialized in this type of business can gain access in many ways. According to Trend Micro, they often share the provenance of credentials on forums. Are They can be in the public domain, come from exchanges made with other attackers, from the exploitation of vulnerabilities or other types of attacks. They have no interest in exploiting them. They are dedicated to finding a way to access a network that may be of interest to others. They resell it to those who do want to monetize it, ”says Sancho. The researcher also highlights that, although these cybercriminals do not work for third parties, “many, since they get good deals with certain groups, do then establish alliances with each other and offer things to themselves.”

Educational centers, the most affected

There are different groups of professionals dedicated to access trade. Specifically, three, as explained from Trend Micro. First up are the opportunistic sellers, who are focused on making quick profits and only trade with one access. Second are those who are specifically dedicated to this business, offering access to various objectives and employing more professional networks. Finally, there are online stores, which only guarantee access to a single machine instead of an entire network or organization.

According to the Trend Micro study, the supply of credentials and access to the education sector is being especially large, with 36% of the ads analyzed globally. “Schools are an ideal target because they hold a gold mine of personal information, such as financial data, medical records and social security numbers, all of which can be sold on cybercriminal forums or used to request a ransom,” explains the firm. in the study.

Regarding the educational institutions of SpainSpecifically, the figure drops to 26%. In our country, behind are advertisements that give access to government platforms (20%) and the manufacturing industry (15%).

Sancho points out that, while in the past cybercriminals had to invest great efforts to penetrate their targets, new access providers they make work much easier. They also make it more profitable: “It is affecting the way many cybercriminals do business. Now what they can do is simply hire someone who has already managed to enter and is able to show me how to attack the victim that interests me.

See them


Comments (0)

Leave a Reply

Your email address will not be published. Required fields are marked *