Russian Underground 101

Introduction

This research paper intends to provide a brief summary of the cybercriminal underground and shed light on the basic types of hacker activity in Russia. The bulk of the information in this paper was based on data gathered from online forums and services used by Russian cybercriminals. We also relied on articles written by hackers on their activities, the computer threats they create, and the kind of information they post on forums’ shopping sites.

Online fraud has long since moved from being a mere hobby to a means for cybercriminals to earn a living. This paper examines what is being sold on the most popular cybercrime forums like antichat.ru, xeka.ru, and cardingcc.com; which items are in demand; and what services professional fraudsters offer.

The fraudsters consider the Internet a playing field. It has many vulnerable sites and a great deal of unprotected data. While “protected” data do exist, the places they are stored in can still be hacked. Some cybercriminals shared their experience in hacking; generating traffic; and writing code for Trojans, exploits, and other malware via online articles.

This paper discusses fundamental concepts that Russian hackers follow and the information they share with their peers. It also examines prices charged for various types of services, along with how prevalent the given services are in advertisements. The primary features of each type of activity and examples of associated service offerings are discussed as well. Each section of this paper focuses on a specific type of criminal activity, good, or service in the Russian underground market.

Trend Micro Report