Reading the ‘High Crime Trends 2016’ Report from Group-IB

The Group-IB firm has published a report titled “High Crime Trends 2016” that includes interesting data about principal cybercrime trends.

Group-IB, one of the global leaders in preventing and investigating high-tech crimes and online frauds, has published an interesting report titled “High Crime Trends 2016” that provides an interesting analyzing of current criminal activities.

The Key Trends evaluate are evaluated based on facts and figures reported by Interpol, Europol, Group-IB and European cyber law enforcement.

The report starts with data related to targeted cyber attacks against banks, over the reporting period, the losses of Russian banks resulting from targeted attacks has increased by almost 300%. The experts noticed that most professional groups that in the past targeted private businesses, now have chosen banks or financial institutions as a target of their offensives.
The losses resulting from targeted attacks on banks in Russia in 2016 accounts for $44mln (+292% respect 2015).

In Russia, the number of cyber attacks against companies is decreased because hackers focused their efforts on targeting the financial industry.

The report confirms that Russian-speaking hackers continue to fuel the criminal underground with PC trojans and new banking trojans (i.e. Shifu, MidasBot, GozNym, Sphinx, and Corebot).

“16 out of the 19 trojans most actively used for theft can be linked to Russian-speaking cybercriminals.” states the report. “-83% The amount of money stolen from individuals with the help of PC-based trojans in Russia.”

The report confirms the great interest of the hacking community in Android trojans that are being actively developed, becoming even more sophisticated.

“Every day in Russia, 350 Android users fall victim to this scheme, and the amount of money stolen this way has increased by more than 450%.”

One of the most concerning data reported in the document is related to the espionage activities, tools for tapping conversations and intercepting traffic have become more readily available than ever before.

“More and more legitimate companies begin to offer such services as tracking the location or wiretapping of mobile phones by using the attacks on SS7 channel. There is also a growing black market: such offers are increasingly seen on hacker forums.” continues the report.

Law enforcement is worried by the phenomena such as the cybercrime-as-a-service and the extortion. A growing number of threat actors are offering for rent malicious infrastructure such as botnets. Cyber criminals are using DDoS attacks and ransomware as privileged attack vectors to rapidly monetize their efforts.

Another disconcerting aspect emerged from the report is related to the recruitment potential of terrorist groups, a phenomenon that according to Group-IB is growing.

“The European migrant crisis, the deterioration of the socio-economic situation, the aggravation of ethnic and religious conflicts in many regions of the world — all these factors pave the way for terrorist and extremist groups which are openly recruiting more followers, including hackers, in the informal segment of the Internet”

The report that was presented at the CyberCrime Con 2016 held in Moscow, is full of other interesting data and information, let me suggest to read it.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – crime trends, hacking)