Brother
Professional
- Messages
- 2,590
- Reaction score
- 526
- Points
- 113
If a cybercriminal decides to attack a large corporation, he can easily find all the necessary tools on the darknet marketplaces. This conclusion was made by a team of specialists from the University of Surrey (UK) and Bromium after a three-month monitoring of cybercriminals' activity and communication with sellers.
In the course of the study, experts examined data on a number of underground trading platforms, including Empire Market, The Hub, the now closed Dream and Wall Street. The study found that hacking tools for Fortune 500 companies and the Financial Times Stock Exchange 100 Index are advertised separately by vendors.
Most of the tools (34%) are designed to hack financial sector companies, followed by e-commerce sites (20%), healthcare (15%) and educational (12%) institutions. Notably, vendors offer unauthorized access to corporate networks (usually in the form of credentials) to other companies in the same industry.
Access to corporate networks varies greatly. For example, for as little as $ 2 you can buy credentials, and for a large amount you can buy a backdoor. However, the most popular are tools (trojans) for remote access. “We were asked to buy remote access Trojans five times more often than keyloggers,” the researchers noted.
More than 60 merchants offer access to at least ten corporate networks, selling stolen credentials for $ 2-30 a pair.
Nuke malware is very popular on Russian-language forums, which allows you to open a remote desktop and bypass firewalls for Windows used by many companies.
Recall, as recent studies show, law enforcement agencies are actively closing the darknet marketplaces selling drugs, bypassing cybercriminal forums.
