Last week's arrest of Russian bank hacker extraordinaire Aleksander "SpyEye" Panin doesn't mean online bank accounts are suddenly safer. Not that anyone thought they were. Bank fraud is here to stay and the guys behind it -- many of them Russsian -- are multiplying and becoming more savvy.
Panin, known as Gribodemon in the underground "darknet" where trading in malware happens like fruit and veggies in a framer's market, was picked up by FBI agents while vacationing in the Dominican Republic. He pleaded guilty last week to a single count to commit bank fraud and wire fraud.
Right around Thanksgiving, nearly 100 million
"These are no longer isolated incidents," says Nart Villeneueve, a senior malware researcher at FireEye in California. "We pay attention to the big breaches like Target, but on a small scale this type of cyber crime is happening to everyone every day. It is becoming all too common. And in the underground forums where criminal hackers congregate, there is always new malware coming to market."
Cyber crime getting more common than we'd like to admit, says cyber security firm FireEye of... [+]
And it is designed to attack a computer or a device near you.
Last year, in one of his year-ending predictions on what will transpire in cyber space this year, Kaspersky Lab CEO Eugene Kaspersky said there was a chance for cyber crime and high level cyber espionage to become so severe that the web could breakup into little zones. That would mean Russians wouldn't be able to access the U.S. internet, and vice versa.
Then again, to an experienced malware writer, or a computer genius with mal intent, cyber walls are meant to be knocked down.
Last year, Russian cyber gang Karbart, a collection of malware writers who created trojan files similar to Panin, was arrested by the KGB.
While cybercrime is certainly not exclusive to Russia, the rise of cybercrime in the region was facilitated by the rise and fall of the Soviet Union, as well as an abundance of highly skilled technical personnel, coupled with limited lucrative employment opportunities, notes FireEye researchers. Russia is teeming with networks of talented cybercriminals. With little risk of prosecution, in Russia in particular, home grown cybercrime networks continue to flourish.
FireEye, which builds devices for corporate and government computer infrastructure designed to sift through dubious email attachments, says these criminal networks are organized using an affiliate model known as “partnerkas.” Patnerkas rely on a series of dubious relationships that allow cybercriminals to profit from all sorts of activities including spam, rogue pharmacies, fake antivirus, clickfraud, and ransomware. In this model, development and distribution are shared among multiple actors. The partnerka supplies the product – whether malware binaries or pharmaceuticals – and the affiliate members distribute them.
Patnerkas rely on payment processing capabilities, bulletproof hosting, and underground marketplaces to carry out their operations.
The ability to process credit card payments through companies such as Chronopay has allowed cybercriminals to operate online pharamacies, charge for the installation of fake antivirus software, commit credit card fraud, and support porn sites. Interestingly, there is a fair amount of crossover between the adult website industry in Russia and cyber crime.
Cyber security firms and law enforcement like the FBI often infiltrate the anonymous internet, where nearly all of the illicit communication between hackers with criminal intent takes place.
Sometimes the law wins. Sometimes the cybercriminals win.
CarderPlanet was shut down in the mid-2000s. The Silk Road, which sold everything from Viagra to vigilantes, was shut down last year.
"It does happen," says Villeneueve about infiltration of the hacker forums in the so-called "dark net". But companies and individuals who have had their data breached and their bank accounts emptied shouldn't count on the law outnumbering the criminals. "There are so many cases vying for law enforcement attention that you can't be everywhere all the time," Villeneueve says. "It takes a fair amount of effort to track these forums down. You can't just join one. You have to be allowed in by people already respected in the group before you can participate and learn who's who and what they're selling."
