Washington: Cyber criminals are settling into a comfortable place in the ‘Dark Web’, where they test, refine and distribute malware for online thievery.
In its quarterly threat assessment released on Monday, McAfee Labs noted the relative ease with which the malware is bought and sold in Dark Web marketplaces. The report pointed out that the attackers who stole the data have also found a market, offering some of the 40 million credit card numbers reported stolen in batches of between one million and four million at a time.
The reports also added that the attacks represents an age of cybercrime as a service and the Dark Web overall. The Dark Web actors appear to be operating with ease, like other kinds of online businesses, McAfee said.
The BlackPOS malware family is an 'off-the-shelf' exploit kit for sale that can easily be modified and redistributed with little programming skill or knowledge of malware functionality.’ it added. The thieves who employ the malware can easily turn to a popular credit card black market like Lampeduza Republic, which McAfee said had a well-organized hierarchy.
"We believe these breaches will have long-lasting repercussions and expect to see changes to security approaches and compliance mandates and, of course, lawsuits." claimed McAfee
McAfee's report also noted a surge in mobile malware as more people use smartphones. It collected 2.47 million new mobile malware samples in 2013, with 744,000 in the fourth quarter alone. Researchers concluded that the malware responsible for target online attacks used relatively unsophisticated technologies, that were likely purchased 'off the shelf' from the cybercrime-as-a-service community, and customized specifically for these attacks.