“Looking back at the 1990s and at the beginning of 2000, you had to have a reasonable level of technical competence to draw this kind of crime,” said CNBC Nicholas Court, deputy director of financial crime and interpol anti-corruption.
Imaginima E+ | Getty images
The expanding network of markets of cybercrime makes it easier to become a professional cheater, constituting unprecedented threats of cyber security around the world, experts warn.
Cybercriminals are often depicted in popular media as dishonest and highly qualified people who control the skills of coding and hacking from a poorly lit room. But such stereotypes become outdated.
“Looking back at the 1990s and at the beginning of 2000, you had to have a reasonable level of technical competence to draw this kind of crime,” says CNBC Nicholas Court, deputy director of financial crime and anti-corruption of Interpol.
Today, the entrance barriers have fallen “quite significantly,” said the court. For example, obtaining personal data, such as E -Mail addresses and sending them massively spam messages – one of the oldest online fraud in the book – has never been easier.
Cyber security experts say that the change is caused by progress in the field of fraud and development of organized online markets in which specialist knowledge and cybercrime resources are bought and sold.
The growing economy of cybercrime
“In the last decade, the evolution of dishonest cyber criminals in organized groups and networks are part of the blooming underground economy,” said Tony Burnside, vice president and head of Asia and Pacific in Netskope, a security company in the cloud.
He added that this trend was the appearance of global underground markets, which offer “cybercrime” or “caa”, through which suppliers burden customers for various types of malicious tools and services of cybercrime.
Examples of CAA include ransomware and hacking tools, Botnets For rent, stolen data and everything that cybercriminals can help in their illegal actions.
“The availability of these services certainly helps in enabling more cyber criminals, enabling them to scale and sophistication of their crime while reducing the required technical knowledge,” said Burnside.
Caas is often hosted on markets in “Darknet” – a part of the Internet that uses encryption technology to protect users' anonymity.
Examples include the market Abacus, Rynek Torzon and Styx, although the highest markets often change when the authorities close them and new.
Burnside adds that criminal gangs serving Caas services and markets began to act as “legal organizations in their structure and processes.”
Meanwhile, suppliers of these illegal exchanges tend to accept payments only in cryptocurrency, trying to remain anonymous, unclear income and avoid detection.
Silk roadThe infamous dark market of the network, which was closed by law enforcement agencies in 2013, is considered by many to be one of the earliest uses of large -scale cryptocurrency.
Darknet emerges from the shadows
Although the use of cryptocurrencies on the cybercrime market may help darken the identity of participants, it can also increase their actions in blockchain, according to Chainalysis, a blockchain research company that tracks illegal cryptographic transactions.
According to chainalysis data, while Darknet markets remain the main factor in the global cybercrime ecosystem, more activities go to public internet and secure message sending services such as Telegram.
The greatest of these markets identified by Chainalysis is the guarantee of Hionione-Platform associated with the group of Cambodian Cambodian Conglomerates Hionione-who, according to the company, acts as “a” comprehensive store for almost every form of cybercrime. “
The Chinese language platform acts as a peer-to-peer market, in which sellers offer chainalysis services, which are associated with illegal activities such as laundering money and fraud based on cryptography.
Suppliers pay for advertising on the Hionione website, often directing interested parties to private groups of telegrams. If the sale is made, Hionion seems to act as deposit and question the intermediary to “guarantee” the replacement.
The chain data shows that Hionion's warranty suppliers have processed stunning cryptographic transactions worth $ 70 billion since 2021. Meanwhile, an elliptical, another blockchain analytical company, estimates that the Hionione Group entities received at least 89 billion dollars in cryptocurrency resources, creating them “The largest illegal online market in history.“
The platform advertises and manages potential buyers of a group of suppliers on a telegram that offer everything, from fraud and money laundering to social services and illegal goods.
According to Andrew Fierman, the Chief of Security Intelligence, the National Security Scale and Volume Transations on Hione Guaranture, it is probably used by numerous organized criminal groups.
He adds, however, that many services do not cost a lot of money, providing a low entry barrier and access to cybercrime for “each with an internet connection”.
According to Chainalysis, people who want to facilitate “romance” or investment fraud can be able to buy the necessary tools and services for Hionion for just a few hundred dollars. Costs can reach thousands of dollars, depending on the level of complexity they want to make.
Investing or romance fraud include a fraud building relationships with the victim through social media or dating applications, intending to withdraw them thanks to the apparent investment capabilities.
A fraudster trying to draw this kind of fraud, can buy a Hionion guarantee for a data portfolio of potential victims, such as phone numbers; Old accounts on social media that seem to come from real people; and software for manipulation of faces and voice that can be used by a fraudster for digital hiding.
Other suppliers on the website offer services related to the creation of false investment and gambling platforms. Fiermen claims that the fraudster often deceive the victims to deposit money on such platforms.
In the case of a reservation on its website, the Platform claims that it does not participate in specific companies of its clients and is only responsible for guaranteeing payments between buyers and sellers, in accordance with the translation of CNBC in the Chinese language.
According to Fierman, Hionione's activity seems to focus in Cambodia and China, but there is evidence that other platforms appear.
“Child play”
As Caas and cybercrime markets develop, the technology offered and used by criminal sellers also developed, enabling more sophisticated fraud on a scale – with less effort, as experts say.
According to Kim-Hock Leow, Cybersecurity General Director, films and voice cloning generated by AI Deepfake are increasingly real, with previous realistic attacks.
Last year, The police in Hong Kong informed The fact that a financial employee in an international company was deceived to pay $ 25 million to cheaters, using Deepfake technology to state as a company financial director during a teleconference.
“This would be completely impossible to do only a few years ago, even for criminals with technical skills, and now it is a real attack even for people without people,” added Burnside Netskope.
Meanwhile, cyber security experts said CNBC that AI tools can be used to improve phishing fraud and social engineering, helping to write more personalized and human -like messages.
“She became fun for children, creating a really convincing false e -maile, audio notes, paintings or films designed for fraud and victims of tricks,” Burnside said, noticing that the dark variants of legal AI generative tools are still on dark markets.
Preventive efforts
Due to the global and anonymous nature of CAAS suppliers and cybercrime markets, they are very difficult for the police, CNBC experts said CNBC, noticing that markets that are closed are often returned under different names or are replaced.
For this reason, Court Interpol in Nicholas claims that cybercrime is not a kind of activity “you can arrest the exit”.
“The volume of crime is growing so fast that, in fact, law enforcement agencies are more difficult to catch the same percentage of cyber criminals,” he said, adding that it requires significant focus on preventive campaigns and public awareness to warn about rapid sophistication of fraud and AI tools.
“Almost everyone receives the fraud today. Although it used to be enough to tell people not to send money to someone who refuses to combine video, it is not enough. ”
At the level of Leow from the Wizlynx Group, he claims that because cybercriminals become more technological and AI, as well as the company's cyber security protocols.
For example, AI tools can be used to automate security systems at enterprise level, reducing the threshold of detecting and accelerating reaction times.
Meanwhile, new tools such as “appearDark Monitoring“Which can follow cybercrime markets and underground forums for leaking or stolen data, including certificates, financial data and intellectual properties.
Leow said that “it has never been easier” to commit cybercriminality, which is why it is crucial to priority to determine cyber security by investing in technological solutions and increasing employees' awareness.