Cybercrime generates over $1.5 trillion in annual revenue, outpacing BigTech earners like Apple and Amazon. Our new report explores key trends in the dark web marketplaces and underground cybercriminal forums providing a look into the past, the present and future.
Trend Micro has found that the cybercriminal underground is not as separated by language as much as it was five years ago. Cybercriminals have adopted a more global view and found that advertising in multiple language forums is a must if they wanted to earn more money. Still, the cybercriminal underground economy remains diverse, and different markets carry unique goods and services for the country or region to which they cater. Key findings from the report include:
- Trust is driving the market – The current marketplace environment is still quite volatile. Trust has become such a critical issue that a search engine has been created to verify sellers on top dark web marketplaces. New dark web email businesses have also appeared to make sure communication is private and anonymous.
- Anyone can be a cybercriminal – There is virtually no pricing barrier, and the technical skills that buyers need to have to setup attacks have been greatly reduced. There has been a migration of cybercrime e-commerce to surface web platforms; it’s no longer just dark web sites that are used to sell illegal goods
- Fake news and propaganda are on the rise, fuelled by deepfakes – In 2019, services used to speak fake news and steer public opinion became more prominent in cybercriminal underground forums. Users in underground forums are looking to monetise deepfake tech – currently in exchange for information.
Predicting how underground markets and forums will evolve is complicated, Trend Micro has included issues with sufficient data and insight that we can anticipate with some certainty. Trend Micro has identified several scenarios we expect to see in the cybercriminal underground economy within the next three years.
- Deepfake ransomware will be the evolution of sextortion. Deepfakes will move away from creating fake celebrity pornographic videos, and veer into manipulating company employees and teenagers. These tools will demand a higher price than non-sextortion ransomware builds.
- More cybercrime will hit Africa in the next three to five years. As more citizens use online platforms for banking and transactions, cybercriminals will develop tools and schemes to take advantage of them. Established hacking groups are already attacking financial institutions, and we predict more will follow.
- Cybercriminals will find a scalable business model that takes advantage of the IoT’s wide attack surface. Cybercriminals will move away from simple DDoS to data interception or using the machines as long-term infected proxies to make botnets harder to map out. Cybercriminals will hone in on IoT devices for espionage and extortion.
- We will see smart contracts in escrow offered in underground forums. Replacing escrow with a blockchain for trust could help guarantee that both parties get what they want out of the deal, without the need to establish trust through reputation.
- SIM card hijacking will increase and target high-level executives. Underground forums currently offer services involving the use of social engineering on telecommunication companies to swap SIMs. Many offerings exist for SIM card swaps, usually from a company insider. Gaining access to your account allows hackers to pass 2-step verification process in various platforms.