Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
“Looking back in the 1990s and early 2000s, I needed to have a reasonable level of technical competence to achieve this type of crime,” he told CNBC of the Court of Nicholas, assistant director of the Center for Financial Crimes and Anti -Corruption of Interpol.
Imagination | E+ | Getty images
An expanding network of cybercrime markets is easier than ever becoming a professional scammer, which raises unprecedented cybersecurity threats worldwide, experts warn.
Cybercriminals are often portrayed in popular media as dishonest and highly qualified individuals, wielding coding and piracy skills from a room with little light. But such stereotypes are becoming outdated.
“Looking back in the 1990s and early 2000s, it had to have a reasonable level of technical competence to achieve this type of crime,” Nicholas Court, deputy director of the Interpol Crime and Financial Corruption Center, told CNBC.
Today, entry barriers have decreased “quite significantly,” said Court. For example, obtaining personal data, such as email addresses and sending mass messages, one of the oldest online scams in the book, has never been easier.
Cybersecurity experts say that the change is due to the advances in the scam technology and the growth of the markets organized online where the experience and resources of the cyber crime are bought and sold.
A growing economy of cyber crimes
“The last decade has more or less seen an evolution of dishonest cybercounts in organized groups and networks, all of which are part of a prosperous underground economy,” said Tony Burnside, vice president and head of Asia-Pacific in Netskope, a cloud security company.
Driving this trend has been the emergence of global underground markets that offer “cybercrime as a” or “fall” service, through which suppliers charge customers different types of malicious tools and cyber crimes services, he added.
CAA examples include ransomware and piracy tools, Botnets For rent, stolen data and anything else that can help cybercriminals in their illegal activities.
“The availability of these services certainly helps allow more cybercriminals, which allows them to expand and sophisticate their crime while reducing the required technical experience,” said Burnside.
They are often housed in “Darknet” markets, a part of the Internet that uses encryption technology to protect user anonymity.
The examples include Abacus Market, Torzon Market and Styx, although the main markets often change as the authorities close and new ones arise.
Burnside adds that the criminal gangs that operate the services and markets of CAAS have begun to operate as “legitimate organizations in their structure and processes.”
Meanwhile, suppliers of these illicit exchanges tend to accept payments only in cryptocurrencies in attempts to remain anonymity, dark income and evade detection.
Silk routeAn infamous dark web market that was closed by the application of the law in 2013, is recognized by many of the first large -scale cryptocurrency applications.
Darknet emerges from the shadows
Although the use of cryptocurrencies in the cyber crime market can help darken the identities of the participants, it can also make their activities more traceable in the block chain, according to Chainysis, a blockchain investigation firm that traces illegal cryptographic transactions.
According to chain data, while Darknet markets remain an important factor in the global cyber crimes ecosystem, more activity is moving to the public Internet and ensures messaging services such as Telegram.
The largest of these markets identified by Chainysis is the guarantee of Huione, a platform affiliated with Cambodian conglomerate Huione Group, which the firm says it acts as a “unique window for almost all forms of cybercrime”.
The Chinese language platform operates as a pairs market where suppliers offer services services are linked to illegal activities, such as money laundering and cryptography based scams.
Suppliers pay to advertise on the Huione website, often directing interested parties to private telegrams groups. If a sale is made, Huione seems to act as an intermediary of deposit and dispute to “guarantee” the exchange.
The chain data shows that Huione’s guarantee suppliers have prosecuted an amazing amount of $ 70 billion in cryptographic transactions since 2021. Meanwhile, Elliptical, another Blockchain analysis firm, estimates that the Huione group entities have received at least $ 89 billion in crypto assets, which does it. “The largest online market of all time.“
The platform announces and directs potential buyers to groups of suppliers in Telegram that offer everything, from scam technology and money laundering to escort services and illicit goods.
Judging by the scale and volume of transactions in the guarantee of Huione, it is probably used by numerous organized criminal groups, according to Andrew Fierman, head of National Security Intelligence in Chainlaysis.
However, he adds that the many services do not cost much money, providing a low entrance barrier and access point to cybercrime for “anyone with Internet connection.”
According to Chainysis, people who seek to facilitate “romance” or investment scams can buy the necessary tools and services in Huione for only a couple of hundreds of dollars. The costs can reach thousands of dollars, depending on the level of complexity they seek to execute.
Investment or romance scams involve a scammer who builds a relationship with a victim through social networks or appointment applications, with the intention of obtaining money through a false investment opportunity.
A scammer who tries to achieve this type of scam could buy a Huione guarantee for a potential data portfolio of the victims, such as telephone numbers; Old social media accounts that seem to be real people; and a facial and voice manipulation software with AI, which can be used by a scammer to disguise itself digitally.
Other goods and services that are on the site include false investment and game platforms that scammers try to deceive the victims to deposit the funds.
In a discharge of responsibility on its website, the platform says that it does not participate or understand the specific businesses of its customers and is responsible for guaranteeing payments between buyers and vendors, according to a translation of CNBC of the declaration in the Chinese language.
According to Fierman, the activity of Huione Garante seems to concentrate on Cambodia and China, but there is evidence that other platforms are emerging.
‘Children’s Game’
As the markets of CAAS and cyber crime continue to grow, the technology offered and exploited by criminal suppliers has also advanced, which allows more sophisticated scams on scale, with less effort, experts say.
Deepfake videos generated by AI and voice cloning are increasingly real, with previously realistic previously unfeasible attacks thanks to the generative advances of AI, according to Kim-Hock Leow, CEO of Asia of the Wizlynx Group cybersecurity company.
Last year, Hong Kong police reported That a financial worker from a multinational company had been deceived to pay $ 25 million to scammers who use Deepfake technology to pose as the company’s financial director in a videoconference.
“This would have been completely impossible to achieve only a few years ago, even for criminals with technical skills, and now it is a viable attack even for those without,” Burnside of Netskope added.
Meanwhile, cybersecurity experts told CNBC that AI tools can be used to improve phishing and social engineering scams, helping to write more personalized and human messages.
“It has become the children’s game to create really convincing false emails, audio notes, images or videos designed to cheat and deceive the victims,” said Burnside, noting that the dark variants of legitimate generative tools continue to find their way to dark markets.
Prevention efforts
Due to the global and anonymous nature of CAA suppliers and cyber crime markets, they are very difficult to monitor, cybersecurity experts told CNBC, noting that markets that are often closely resurfaced under different names or are replaced.
For that reason, Interpol’s court of Nicholas says that the cyber crime is not the type of activity “can arrest its exit.”
“The volume of crime is increasing so fast that in reality it is more difficult for the application of the law to capture the same proportion of cybercriminals,” he said, adding that this requires a significant approach to prevention and public awareness campaigns to warn about the rapid sophistication of the chests and the tools of AI.
“Almost everyone receives scam messages these days. While it used to be enough to tell people not to send money to someone who refuses to the video call, that is not enough.”
At the business level, the Wizlynx Group Leuto says that as cybercriminals become more experts in technology and AI, so must cybersecurity protocols of companies.
For example, AI tools can be used to help automate security systems at the business level, lowering the threshold to detect and accelerate response times, he added.
Meanwhile, new tools are emerging, such as “Dark web monitoring“That can trace the markets of cyber crimes and underground forums for filtered or stolen data, including credentials, financial data and intellectual property.
“It has never been easier to” commit cyber crimes, so it is crucial to prioritize cybersecurity by investing in technological solutions and improving employee awareness, Leow said.
