Cybercrime

From malware and botnets to the latest cybercriminal schemes, check out what today’s black hat hackers are up to.

Blog > Cybercrime

How Ransomware has become an ‘Ethical’ Dilemma in the Eastern European Underground

September 20, 2017

It’s no secret that the Deep & Dark Web (DDW) is home to illicit marketplaces and forums, as well as an array of cybercriminal communications. Less obvious, however, are the nuances of these communications, the unspoken code of conduct that exists in cybercriminal communities, and the “ethical” dilemma that certain types of attacks can cause. […]

Read more

Shoplifting: Defeating Theft Detection and Prevention Technology

September 14, 2017

Typically considered one of the most accessible and in many cases least-sophisticated types of crime, shoplifting persists as an undeniably damaging affliction across the retail sector. In fact, the National Retail Security Survey reported that loss of inventory cost U.S. retailers an estimated $49 billion USD in 2016, with 70 percent of the loss caused […]

Read more

The WireX Botnet: How Industry Collaboration Disrupted a DDoS Attack

By Flashpoint Analyst Team
August 25, 2017

Introduction On August 17th, 2017, multiple Content Delivery Networks (CDNs) and content providers were subject to significant attacks from a botnet dubbed WireX. The botnet is named for an anagram for one of the delimiter strings in its command and control protocol. The WireX botnet comprises primarily Android devices running malicious applications and is designed […]

Read more

BEC Campaigns Target Organizations Across Sectors Using Credential Phishing

In general, business email compromise (BEC) scams are widely viewed as a type of cybercrime that necessitates relatively minimal technical ability. Despite this, analysts industry-wide have observed BEC operators progressing from simple schemes such as 419 and fake lottery scams – in which unwitting victims are duped into sending payments to fraudsters after being promised […]

Read more

Fentanyl Sales in the Deep & Dark Web

July 28, 2017

As the U.S. opioid epidemic persists, the drugs that are fueling the crisis have found a customer base in Deep & Dark Web (DDW) marketplaces. Fentanyl, a synthetic opioid more potent than heroin, is one such drug that is being sold in underground marketplaces. Fentanyl is sold in various illicit marketplaces. For years, surface web […]

Read more

New Version of “Trickbot” Adds Worm Propagation Module

July 27, 2017

On July 27, 2017, in coordination with Luciano Martins, Director of Cyber Risk Services at Deloitte, Flashpoint observed a new version – “1000029” – of the formidable “Trickbot” banking Trojan with a new “worm64Dll” module, spread via the email spam vector, impersonating invoices from a large international financial institution. Image 1: The latest Trickbot tt0002 […]

Read more

U.S. DOJ Announces Takedowns of AlphaBay and Hansa Underground Markets

On July 20, 2017, at 10:00 AM EST, the U.S. Department of Justice (DOJ) announced a joint international law enforcement operation resulting in the takedown of the AlphaBay Market. Formerly the most popular underground market in the Deep & Dark Web (DDW), AlphaBay facilitated numerous illicit activities, including narcotics trafficking and the sale of vast […]

Read more

Business Email Compromise: A Bigger Threat than Ransomware?

By Flashpoint Analyst Team
July 20, 2017

The large-scale attacks that have become defining characteristics of 2017 have given rise to stronger defenses across the enterprise. Forced to adapt in response, more adversaries are recognizing that bypassing these defenses to generate illicit funds is sometimes best achieved through less-sophisticated — yet lucrative — schemes like Business Email Compromise (BEC). In fact, the […]

Read more

With a boost from Necurs, Trickbot expands its targeting to numerous U.S. financial institutions

The Necurs botnet first emerged in 2012 and has since become notorious for powering massive, malware-laden spam campaigns. Although the botnet’s historical association with Locky and Jaff Ransomware has long raised concerns from organizations across all sectors, Necurs is now delivering a different type of malware that poses a threat specifically to the financial sector: […]

Read more