Cybercrime

From malware and botnets to the latest cybercriminal schemes, check out what today’s black hat hackers are up to.

Blog > Cybercrime

Cybercriminal Abuse of Rewards Points

November 20, 2017

Cybercriminal interest in stolen data is not solely limited to financial or personally identifiable information. In fact, Flashpoint analysts have observed Deep & Dark Web chatter pertaining to the exploitation of rewards points programs, especially those associated with travel. This chatter aligns with cybercriminals’ interest in fraudulent booking services for hotels, airline tickets, and car […]

Read more

Best Practices for Combating Fraud in the Insurance Industry

November 7, 2017

Today’s fraudsters are nothing if not resilient. After all, combatting fraud is often compared to a game of “whack-a-mole” —and for good reason. Just as organizations across all sectors are continually developing new ways to prevent fraud, fraudsters are continually developing new schemes. While a new anti-fraud measure may help decrease one type of fraud, […]

Read more

“Ultimate Anonymity Services” Shop Offers Cybercriminals International RDPs

October 24, 2017

Dark Web marketplaces selling access to compromised Remote Desktop Protocol (RDP) servers have become increasingly popular in the cybercriminal ecosystem over the past several years. UAS — which stands for “Ultimate Anonymity Services” — is one such popular cybercriminal RDP shop that has been online since February 16, 2016.  UAS offers SOCKs proxies in addition to over […]

Read more

Evolution of the Russian-Language Underground’s Anonymizing Technology

October 5, 2017

Much like a virus that continually mutates to render previously-effective vaccines obsolete, cybercriminals’ ongoing development of new anonymizing technologies empowers them to obfuscate their identities while carrying out illicit schemes. Throughout the Russian-language underground in particular, many adversaries have been known to spend hundreds of dollars on tools designed to help them sidestep the latest […]

Read more

How Ransomware has become an ‘Ethical’ Dilemma in the Eastern European Underground

September 20, 2017

It’s no secret that the Deep & Dark Web (DDW) is home to illicit marketplaces and forums, as well as an array of cybercriminal communications. Less obvious, however, are the nuances of these communications, the unspoken code of conduct that exists in cybercriminal communities, and the “ethical” dilemma that certain types of attacks can cause. […]

Read more

Shoplifting: Defeating Theft Detection and Prevention Technology

September 14, 2017

Typically considered one of the most accessible and in many cases least-sophisticated types of crime, shoplifting persists as an undeniably damaging affliction across the retail sector. In fact, the National Retail Security Survey reported that loss of inventory cost U.S. retailers an estimated $49 billion USD in 2016, with 70 percent of the loss caused […]

Read more

The WireX Botnet: How Industry Collaboration Disrupted a DDoS Attack

By FP_Analyst
August 25, 2017

Introduction On August 17th, 2017, multiple Content Delivery Networks (CDNs) and content providers were subject to significant attacks from a botnet dubbed WireX. The botnet is named for an anagram for one of the delimiter strings in its command and control protocol. The WireX botnet comprises primarily Android devices running malicious applications and is designed […]

Read more

BEC Campaigns Target Organizations Across Sectors Using Credential Phishing

In general, business email compromise (BEC) scams are widely viewed as a type of cybercrime that necessitates relatively minimal technical ability. Despite this, analysts industry-wide have observed BEC operators progressing from simple schemes such as 419 and fake lottery scams – in which unwitting victims are duped into sending payments to fraudsters after being promised […]

Read more