In the former USSR countries, criminal activities with stolen credit cards have created a market of $680,000,000. This accounts for 27 percent of the total high-tech crime market, says a report released by Russian cyber security firm Group-IB, covering the period from July 2013 and June 2014. The analysts say that today “Russian-speaking hackers are still one of the most important origins of global high-tech crime trends.”
Among the analysts’ findings in regard to the black market for cards is that it currently looks like any other legitimate online market. Over the past years, it has become structured and “complete with wholesalers and online trading platforms,” so that criminal customers can go through offered stolen credit card numbers as if they were doing shopping on Amazon or any other e-commerce platform. One of the biggest players in this black market is a hacker nicknamed Rescator, who allegedly lives in Ukraine.
The payment methods used by criminals, however, are different from those traditionally preferred by Amazon customers. According to Group-IB’s data, 80 percent of payments on a popular carding black marketplace SWIPED were made using bitcoin, which makes the rate of cryptcurrencies adoption among cyber criminals way higher than among law-abiding citizens.
Another clear upward trend are threats related to mobile banking. The analysts singled out five criminal groups specializing in Trojans that infect Android-running smartphones and steal information using SMS banking and phishing websites. “The scale of these thefts is limited only by the manual nature of the activity,” experts concluded.
At the same time, the number of Russian-speaking criminal groups involved in online banking fraud in the ex-USSR has reduced from eight to five. According to the report, two groups have switched to foreign targets, while the other one was disbanded following the arrest of one of its leaders in 2014.
Meanwhile, hackers from the ex-USSR make good money on reprogramming cash machines either by physical access or through local networks.
In some cases, criminals retrieve numbers and PINs of credit cards used in the ATM, and sometimes they use malicious scripts that make the machine to pay out larger value notes than they should. For instance, the infected ATM can give a user 5,000 ruble bills instead of 100 ruble ones. Just one group of cyber criminals has managed to steal about $1.2 million this way.
Image credit: Bryan Brenneman / Flickr