Today, the darknet is no longer "dark"

Dell SecureWorks has released a new report on underground hacker markets services. The study States that hackers actively improve the quality of services and promote their large-scale.

Analysts focused on the activity and proposals on underground forums and markets around the world, especially in English and Russian.

Specialists on cyber security are constantly monitoring the hackers and scammers in the "dark corners" of the Internet, criminals calculate and transmit information to capture the intelligence. But not all violators can be prosecuted, especially when it comes to petty theft and break-ins.

Underrated threat can quickly turn into a huge "hole" with all the ensuing consequences. Therefore, people and businesses it is important to understand what is happening and draw the appropriate conclusions.

Many users believe that to meet the attacks enough antivirus software and strong passwords will protect your accounts in social networks and email services.

In fact, if someone decides to get private information, then steal money from an individual user or an entire company, the average person will hardly notice it and will be able to sort out the problem.

No antivirus or firewall will not save.

According to the experts at Dell SecureWorks, Russian hackers are increasing the number of working hours and offer to conduct transactions through a surety intermediary to ensure successful task execution and transfer of money. The company's specialists also noticed lower prices on some services of cybercriminals, compared with queries in the previous years. This is attributed to the reduction in the cost hacking.

"I would not say that the services of hackers go down in price. The decline in market values would mean a drop in demand for their services, but, unfortunately, it is not. In parallel with the development of IT is moving the information security industry and helps both companies and ordinary people (think of the recent news about the inclusion of encryption in WhatsApp) to build a layered defense against cybercriminals. In these conditions, the attackers have deeper and more serious to work scheme attacks in order to get interesting and profitable information," said Viktor Ivanov, business development Manager of global business Group-IB. Cheaply and effectively.

According to research, the average corporate email hacking hackers demand $500, for determining the IP address — $90. In addition, illegal "entrepreneurs" offer to buy a set of virus-Trojans for $5-10 or exploit kits to hacking from $100 to $135.

Themselves sold on underground markets the virus is simple: they will calculate and neutralize anti-virus software.

To make life difficult for digital defense, hackers create viruses encoders, which seriously disguised malicious code. This encoder hackers offer $80-440, depending on complexity.

In addition, the scammers promise to hack any website and steal the necessary information from there for $350 and then $20 to collect personal data on people.

In addition to the standard services on the darknet run ads for the sale of sets of training courses and a lot of different services on the "collapse" of servers. How do they do it?

As explained by Victor Ivanovski, to collect information, attackers prefer to rely primarily on digital tools — viruses, collecting screen shots, files, workstations, SMS and phone calls, the text typed on the keyboard.
"Together with the social engineering tools and remote access it gives criminals the opportunity to make an attack leading to the loss of tens of millions of dollars. It is much easier to implement and scale, but also less risky compared to insider activities," said Ivanovsky.

Close to the subject, a source told "Газете.Ru" that sets viruses, encoders, card numbers, passwords and company data actually could be found in abundance, and before the existence of darknet.

Hackers appreciate not only the type of interfaces of web services, and servers, as well as analyzing the flows of users and data.

"After such research it becomes clear on which of the nodes easier to find vulnerabilities and which ones are more difficult," — said the source.

According to him, in the darknet there are providers of exploits and vulnerabilities, but not all necessarily published. There is a stage of checking and seeking buyers of a particular vulnerability in the person who created the program or service of the company, its competitors and the companies IT security. Large companies as rewards are often offered a job.

According to an anonymous source, the economy is a "shadow" of the Internet more sharpened by small and "gray" cases, and serious break-ins something protected buyers are unlikely to find too expensive and dangerous for the audience of such sites.

"Serious people from the old and new groups communicate with each other in encrypted messengers to find out about each other they can out of official competitions on hacking and other similar events. Many met around cryptoanalysis or cybercommunities projects," he explained. The darknet is no longer "dark".

One of the vendors popular underground market told "Газете.Ru" that, in his opinion, at these sites one gets a typical situation: with the increase of an increasing number not only of high standard services from recognized suppliers, but also a large number of substandard courses or free tutorials for hacking.

In this case in the illegal activity are all of the same market laws: tough competition between the crooks getting them to work on the design and functionality of clandestine exchanges.

"Today, the darknet, or whatever you want to call it, more not so "dark".

The content of the anonymous exchange — it is almost opening a regular online store, but with a number of threats about which to worry, hackers, scammers and public services that have proven the ability to successfully close these services and exchange," commented the seller.

Researcher and University Professor Carnegie Mellon University, has long engaged in the study of anonymous markets darknet, Nicola Christine notes that the methodology of the research of Dell SecureWorks leaves a number of issues, but the overall trends described in the right direction.

"The main trends, which they say, — professionalization and improving the quality of services — do not seem to me unusual, given that the overall market increases competition and each participant must differentiate themselves from the rest. But the basic question of this report, is there any difference between advertised and actual quality and price, remains open," commented "Газете.Ru" Nicolas Christine.
How to protect yourself. "Global trends and the experience of our colleagues in the fight against cybercriminals show that now to effectively counter nothing is more important than information. Information about their activities, about their ongoing developments, about the criminal schemes and how to attack, how they are exploring and how they make preparations for the operations. These data, which are mined analysts, engineers, specialists groups of investigations that helps law enforcement agencies and organizations to enter the real perpetrators and organizers of cybercrime," said Victor Ivanovsky.

Experts Group-IB in its latest report on the activities of hacking groups predict that criminals and swindlers have set their sights on mobile platforms.

One of the main ways of penetration of the banking network remains a phishing email with embedded exploits, documents with macros or executable files in the archive with a password, according to the report Group-IB.

Experts recommend the following countermeasures: to study and increase knowledge about threats, use two-factor authentication, to keep copies of all documents, encrypt correspondence in e-mail, if possible, do not use the same device for communication and banking transactions, be sure to watch for updates and operating system, be careful not to install an unknown extension, the program "quick load" and things like that, especially free.

Companies must monitor potential weaknesses in the network, to involve experts for research and protection, install system to detect and prevent intrusions, conduct vulnerability scanning, to track activity within the network and to reduce the number of users with administrator rights.

"If you look at short time, a balance exists: the IT market and the developers are reacting to major vulnerabilities only and rather late. This is also evident in the evolution of encryption. If we consider a long-term perspective, the balance exists: users need security, and they rely on services with a good reputation, so the security market is improving. But he's always late for hacks and even information about the vulnerabilities," — said the source, speaking about the balance in cyber security. 

---------
Reference: http://digest.subscribe.ru/inet