ThreatList: Biggest Cybercrime Developments in 2018, So Far

A look at the underground cybercrime landscape in 2018 shows a dynamic and quick-reacting community in the face of successful crackdowns by law enforcement.

Despite successful crackdowns on several cybercriminal underworld gangs, miscreants have been highly active during the first half of 2018, according to Flashpoint.

According to Flashpoint’s mid-year Business Risk Intelligence report, released last month, the major developments in the cybercriminal underground in 2018 include:

  • The takedown of MaxiDed, resulting in a major disruption of the top-tier bulletproof hosting provider market.
  • TrickBot gang’s continued development of new modules and expansion of its targeting to various industry verticals.
  • Resurfacing of thedarkoverlord, claiming responsibility for new activity against legal and insurance firms.
  • Expansion of the GandCrab ransomware affiliate program to the East Asian underground.
  • The discovery of novel banking Trojans, including DanaBot, MnuBot, and BackSwap.
  • Heightened use of no-distribute virus scanning services such as Run4Me as workarounds for platforms such as VirusTotal.
  • A shift to Android traffic emulation in carding operations to bypass fraud detection systems.

Researchers note the significance of the Russian-language credit card shop called Joker’s Stash going public this year. Flashpoint notes that two new large datasets of stolen payment card data, from the Bigbadaboom 2 and Zippo breaches in March and May, were added to the forum. “The data is believed to have originated from well-known U.S. businesses, such as Lord & Taylor, Saks Fifth Avenue, and Chili’s,” researchers said.

(ThreatList is an occasional overview of the InfoSec landscape as represented in at-a-glance lists of relevant data.)
