Everything Needed to Hack Major Corporations Is Available on the Darknet
If a cybercriminal decides to attack a large corporation, all the necessary tools can easily be found on darknet marketplaces. This conclusion was reached by a team of experts from the University of Surrey (UK) and Bromium after three months of monitoring cybercriminal activity and communicating with sellers.
During the study, the specialists analyzed data from a number of underground marketplaces, including Empire Market, The Hub, and the now-closed Dream and Wall Street markets. The research showed that tools for hacking companies from the Fortune 500 and Financial Times Stock Exchange 100 Index are advertised separately by sellers.
Most of the tools (34%) are intended for hacking companies in the financial sector, followed by e-commerce sites (20%), healthcare (15%), and educational institutions (12%). Notably, sellers offer unauthorized access to corporate networks (usually in the form of login credentials) to other companies in the same sector.
Methods of Access and Popular Tools
Methods for accessing corporate networks vary widely. For example, login credentials can be purchased for as little as $2, while a backdoor costs significantly more. However, remote access tools (Trojans) are the most popular. βWe were offered remote access Trojans five times more often than keyloggers,β the researchers noted.
More than 60 sellers offer access to at least ten corporate networks, selling stolen credentials for $2β$30 per pair.
On Russian-language forums, the malicious software Nuke is especially popular. It allows attackers to open a remote desktop and bypass the firewalls used by many companies on Windows systems.
Law Enforcement Response
Recent studies show that law enforcement agencies are actively shutting down darknet marketplaces that sell drugs, but tend to overlook cybercrime forums.