Dans l’actualité

How digital ‘drifters,’ eager to turn an easy profit online, fuel the malware marketplace

README LogoNew research presented during Black Hat 2021 in Las Vegas on Wednesday reveals the important role of amateur, and amateurish, players in sustaining the cybercrime ecosystem.

The cybercrime underground is often portrayed as driven by a small number of highly motivated and capable actors with criminal intent — bot herders, ransomware masterminds and spy chiefs. But new research suggests it is sustained by a huge penumbra of individuals simply trying to earn a living off the internet — a portion of whom over time drift into criminal activity.

“What we conclude from our analysis is that there is a large informal workforce evolving at the periphery of the malware industry that is necessary to its operation,” Masarah Paquet-Clouston, a security researcher for GoSecure, told a virtual session at the Black Hat security conference in Las Vegas Wednesday.

She compared these “drifters,” moving from the informal economy to the cybercrime ecosystem, to the street level dealers and enforcers — often drug addicts themselves — who make the operations of transnational drug cartels possible. “They’re not the masterminds behind … the cartels. But if we take them off the streets, maybe we can tackle the [drug] problem differently,” she said.

View Article Here

Researchers turn the spotlight on the hidden workers of the cybercrime world

ZDNet LogoPhishing schemes, malware campaigns and other operations involve an array of workers beyond the criminal masterminds. Could giving them better opportunities for legitimate work help cut crime?

Security researchers have put the spotlight on a little-known but growing group of people who make up a significant part of the cyber-criminal ecosystem, even though some of them may not even be aware that they’re actually taking part in illegal activities.

A collaborative research project by Czech Technical University in Prague, plus cybersecurity companies GoSecure and SecureWorks, analyzed the activities of people on the fringes of cybercrime, those behind projects like building the websites that end up being used for phishing attacks, affiliate schemes to drive traffic towards compromised or fake websites or writing the code that ends up in malware.

The people behind these projects are doing it because it’s an easy way to make money. But by doing this work, they’re laying the foundations for cyber criminals to carry out malicious campaigns

View Article Here

Cybercrime is full of nine-to-fivers, short on masterminds

SC Media LogoThink of a cybercriminal. Let’s call the cybercriminal Kelsey.

Does Kelsey think about being a criminal? Does Kelsey think it’s cool? Does Kelsey have a novelty license plate that says HACK CAR?

Now think about a clerk at a grocery store or whoever it is who writes greeting cards, or someone else with an average job. Let’s call the normal worker Alex. Is the clerk in it for the love of the groceries? Does the greeting card writer genuinely care whose birthday it is? Is Alex more interested in what the job is or is Alex just showing up to work to get a paycheck?

Cybercrime is not all Kelsey. Cybercrime is mostly Alex. At least, that is the finding of a research team from GoSecure, Secureworks, the Czech Technical University in Prague and Cisco.

View Article Here

Researchers Discover New Obfuscation-As-a-Service Platform

Dark Reading LogoResearchers detail how a Android APK obfuscation service automates detection evasion for highly malicious apps.

A new obfuscation-as-a-service platform detailed by researchers today during the Botconf 2020 virtual conference offers yet another proof point of how robust the cybercriminal economy is at filling market needs for black hats. In this case, enterprising hackers developed a fully automated service platform for protecting mobile malware Android Packet Kits (APKs) from antivirus detection. Offered on a one-off basis or for a recurring monthly subscription, the service was available to mobile malware authors both in English and Russian for at least six months of 2020, potentially longer.

The service was found and examined by a collaborative team from three organizations: Masarah Paquet-Clouston from GoSecure, Vit Sembera from Trend Micro, and Maria Jose Erquiaga and Sebastian Garcia from the Stratosphere Laboratory. They initially got wind of the service — which they’ve chosen not to name to avoid tipping off the service operators — when they were analyzing activity surrounding the spread of the Geost Android banking Trojan botnet. They uncovered leaked chat logs between Geost botnet operators referring to an obfuscation service and started poking around to discover what was being discussed.

View Article Here

Gosecure Raises $14 Million, Bringing Series E To $35 Million USD

Betakit LogoMontreal-based GoSecure, which has developed a cybersecurity managed detection and response (MDR) software platform, has raised an additional $14 million USD for its Series E round, bringing the total round to $35 million USD.

The funding was led by W Investments Group, based in Montreal. John Randall, senior vice president of product management at GoSecure, told BetaKit there were other participants but did not disclose their names. Randall said the capital will be put towards sales, marketing and engineering.

GoSecure closed initial funding for its Series E investment in June. Though originally reported as $20 million USD, Randall told BetaKit GoSecure closed $21 million at that time. That investment was led by Yaletown Ventures. Other participants included Bank of Montreal and existing investors SAP/NS2 and Razor’s Edge.

View Article Here

Détection et réponse gérées Titan
Antivirus de nouvelle génération
Détection et réponse sur les terminaux
Détection et réponse sur le réseau
Détection et réponse sur les boîtes de messagerie
Détection et réponse face aux menaces internes
Gestion des pare-feu
Gestion des SIEM
La gestion des vulnérabilités en tant que service
GoSecure Titan
Logiciel Titan
Sécurité de la messagerie
Sécurité Web
Boîte à outils «Responder PRO Forensics»
Services professionnels
Services de détection de brèches
Évaluation de la cybersécurité
Évaluation de la compromission de la sécurité
Piratage éthique
Réponse aux incidents et analyse de type «forensics»
Services de conformité et d’audit
Technologies fournies par des tiers

Pin It on Pinterest