Digital Shadows Insights Blog : Cybercrime

The latest advice, opinion and research from our dedicated security analyst team.

The philosophical difference between the Old and New Schools of the cybercriminal underground

12 July 2016

I would recommend that anyone interested in the serious study of criminal activity on the dark web should pick up a copy of James Martin’s Drugs on the Dark Net:...

Read More

Your money or your data: Keeping up-to-date with the innovation

7 July 2016

DDoS extortion and ransomware attacks have featured heavily in the headlines recently. But the practice of obtaining money through threats is not new.

Read More

OPSEC versus branding – the cyber criminal’s dilemma

6 July 2016

Like any business, cybercriminals offering criminal services need to develop and maintain a brand and reputation in order to attract customers.

Read More

10 ways to prepare for credential leak incidents

30 June 2016

From LinkedIn to MySpace, threat actors like Peace of Mind and Tessa88 have been selling credentials in various criminal dark web locations.  Most recently we have seen thedarkoverlord offer up...

Read More

Shining a light on the dark web

21 June 2016

The dark web receives more than its fair share of media coverage pertaining to cyber crime.

Read More

Why go through the trouble to tumble?

17 February 2016

Today you can purchase a pizza in Berlin and pay for it from a digital wallet located on a computer in Prague.

Read More

Criminal services – Bulletproof hosting

21 January 2016

Cybercrime can be a lucrative business if you do it well. But how do criminals ensure the success of their schemes without interference from law enforcement or industry-led interventions, such...

Read More

DD4BC Arrests: What Now for Extortion?

15 January 2016

Earlier this week, Europol published a press release stating that an individual suspected of being a “key member” of the extortionist group DD4BC had been arrested, and that a further...

Read More

RATs: Invasion of Your Privacy

12 January 2016

When most people hear the word “RAT” they envision a large rodent that dines in dumpsters while seeking solace in sewers.

Read More

Digital Currency and Getting Paid In The Underground

6 January 2016

It’s been said that money makes the world go round.  People expect to be paid for their time, goods, and services, and cyber criminals are no different.

Read More

Criminal Services – Crypting

18 December 2015

In the world of cybercrime, malicious software (malware) plays an important role. But if you’re a cybercriminal, how do you keep your malware from being detected?

Read More

‘Hacker Buba’: Failed extortion, what next?

11 December 2015

An actor identifying itself as "Hacker Buba" recently claimed to have breached Invest Bank and posted purported customer and client information on Twitter as part of an attempt to extort...

Read More

TalkTalk information likely to be discoverable on the dark web

4 December 2015

Last month, TalkTalk disclosed that they been the victim of a cyber attack on its website.

Read More

Criminal Services – Counter Antivirus Services

30 November 2015

Infosecurity Magazine recently reported that two individuals have been arrested in the UK on suspicion of running a website that facilitates the development of malware.

Read More

Smilex: Dangers of Poor OpSec

27 October 2015

On 13 Oct 2015, it was revealed in an indictment on the US department of Justice website that Dridex (AKA Bugat and Cridex) activity had been disrupted and charges filed...

Read More

Online carding

7 October 2015

There is no shortage of credit card information being sold online. In the past six months alone, our spider (which covers I2P and ToR Darknet overlay networks as well as surface web carding sites) detected thousands of instances of sites offering credit...

Read More

OPSEC and Trust in an Underground Cybercriminal Forum

12 August 2015

There are perhaps tens of thousands of forums and sites in the visible and dark webs dedicated to criminal activity.

Read More

Exploiting is my business...and business is good

13 July 2015

In 2015 we are seeing new trends emerge with respect to Exploit Kits in the wild. These trends are particularly interesting in that they suggest that the frequency of 0-day exploits made available in these kits is growing while the time to integrate said 0-days from the time of discovery to inclusion in the kits is shrinking rapidly.

Read More

Online Extortion - Old Ways, New Tricks

6 July 2015

Extortion is nothing new for organised crime. For centuries, gangs have been operating protection rackets and kidnappings to successfully extract ransom money from their victims. And as with many things in modern life, these old techniques have been successfully brought over to the cyber realm.

Read More

Emerging Markets & Services: Ransomware-as-a-Service

9 June 2015

A look at emerging markets and services, specifically at  ransomeware-as-a-service.

Read More