According to a new report published by the security firm Digital Shadows
The analysis of posts on Dark Web forums reveals that at least one threat actor is willing to pay more than $64,000 per month ($768,000 per year) to skilled hackers to recruit in criminal activities. Like
Cybercrime gangs aim at hiring skilled hackers that can help them in extortion campaign against high-worth individuals, in this
“For purer extortionists, the threat actor TDO used the
“Those with Chinese, Arabic or German skills could earn an added five percent on their salary or commission.“
Highly competitive salaries and other forms of remuneration are becoming an essential element of attractive in the cybercrime ecosystem.
Experts believe that so high salaries could motivate skilled professionals in abandoning bug bounty programs and join the cybercrime arena.
Extortion is a profitable business, according to Digital Shadows, using compromised credentials found on public websites, crooks earned over $330,000 through
Skilled professionals could also opt to work alone, blackmail and extortion guides are offered for sale on several underground forums for less than $10. Black markets have a crucial role in the cybercrime ecosystem, they allow to match offer and demand for stolen credentials, botnets, sensitive documentation.
Sextortion campaigns allow crooks to use credential sets that are no longer valid, sextortion-based email campaigns seek to extort victims by threatening to publicly embarrass them for engaging in a sexually explicit act. Scammers, in fact, claim to have evidence and use previously exposed passwords as “proof” of compromise.
“These emails have been reported intermittently since late 2017, but the scale and persistence of the campaigns rocketed over 2018. Between July 2018 and February 2019, Digital Shadows has collected and analyzed a sample of sextortion emails in which 89,000 addresses received over 790,000 sextortion attempts.” continues the report
One of the most interesting case studies for extortion attempt reported in the report was the one that involved the hacking group The Dark Overlord.
In January, The Dark Overlord published the first batch of decryption keys for 650 confidential documents related to the 9/11 terrorist attacks.
The group published a message on Pastebin announcing that it decided to offer for sale the documents even if the law firm paid to avoid publishing the documents. The Dark Overlord group decided to publish the document because the company contacted law enforcement.
If you want to read more about extortion activities conducted by cybercrime gangs give a look at the report.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(
[adrotate banner="5"]
[adrotate banner=”13″]