Hackers torn over how to adapt their tactics to the coronavirus pandemic

Some hackers thrive, while the business models of others collapse, and some refrain from exploiting the crisis altogether

The hacking community is said to be split over how to adapt their tactics to the coronavirus crisis, with many thriving off the back of mass-remote working while other groups have seen their business models collapse overnight.

Despite a recent explosion in cyber criminal activity, the picture beneath the surface is far more complex, with different strands undergoing mixed fortunes, and another group of hackers refraining from engaging in any COVID-19-related activity whatsoever. 

Advertisement - Article continues below

Nevertheless, businesses and individuals have certainly felt a crescendo of activity. With many individuals now working from home, and much more work and social activity being conducted online, the level of phishing has climbed sharply, for example.

Although cyber criminals are quickly adapting their operations to the changing world, the reactions among different groups have ranged from excitement to desperation, according to an analysis by Digital Shadows.

“Digital Shadows has observed threat actors operating on cybercriminal forums and marketplaces expressing their worries and a sense of desperation as to how the pandemic will affect their established business models,” the cyber security organisation said.

“Some are urgently trying to adapt their offerings to survive in this vastly changed landscape. Other cybercriminals see an opportunity to profit from mass hysteria and panic or take advantage of the increased online exposure that virus-tackling measures have inadvertently caused.”

Advertisement
Advertisement - Article continues below

With many workers around the UK forced to self-isolate and work from home, there’s been a marked rise in online shopping. Some cyber criminals are exploiting this trend by engaging in more carding activity, also termed the trafficking of payment information, because it’s more difficult to attribute fraud given the sheer rise in the volume of transactions.

Users on high-profile hacking forums have been predicting this trend for some time, and gearing their tools for the inevitable rise in online shopping. One user on a Russian-language platform, for example, observed that “everyone is afraid to go out on the streets” and so they’re choosing what they feel is the safer option.

Advertisement - Article continues below

This is part of a wider trend of cyber criminals enquiring as to how they can exploit the situation for personal gain. Many on exploit forums have also launched well-timed side-ventures that involve selling coronavirus face masks or miracle cures, having previously engaged in selling drugs or carding in the past.

There’s a divide between those pivoting to coronavirus exploits in order to increase their income and those doing it out of necessity given their collapsing business models. Specialist cyber criminal outfits, targeting aspects of work life such as travel or events, have seen revenues dry up overnight.

This form of fraud has been particularly hard-hit, given that people have refrained from flying en masse and that borders are closing around the world. One cyber fraudster offering fraudulent tickets for same-day events posted an update suggesting “everything is closed for 2 weeks” as a result of the cancellation of events.

Advertisement - Article continues below

Another user, who had for years targeted tourism, hotels, and air travel, started a thread headlined “find a job for an old man”.

He noted that “since the world decided to spin up a cool scam codenamed ‘coronavirus’ which will likely lead to another crisis... I am left without earnings for an indefinite period”.#

Not all cyber criminals are joining in with the trend of adapting their businesses to the coronavirus pandemic, however, with some deciding to take a step back entirely from this area for moral reasons.

Digital Shadows research from last month examining the reaction to COVID-19 across the dark web, found that some cyber criminals have been actively discouraging others from exploiting the crisis.

Many suggest that conventional cyber crime is lucrative enough that no pivots are necessary, while others have expressed solidarity with victims and shared personal stories about how coronavirus has affected them and their neighbourhoods.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement
Advertisement

Recommended

Visit/security/phishing/355810/zloader-malware-returns-as-a-coronavirus-phishing-scam
phishing

ZLoader malware returns as a coronavirus phishing scam

27 May 2020
Visit/security/hacking/355806/anarchygrabber-hack-steals-discord-tokens-ids-and-passwords
hacking

AnarchyGrabber hack steals Discord tokens, IDs and passwords

27 May 2020
Visit/security/hacking/355801/scammers-using-coronavirus-contact-tracing-in-hacking-attempt
hacking

Scammers leverage contact-tracing in hacking attempt

27 May 2020
Visit/security/phishing/355793/gitlab-phishes-its-remote-employees-and-1-in-5-fell-for-it
phishing

GitLab phished its employees and 20% handed over credentials

26 May 2020

Most Popular

Visit/operating-systems/microsoft-windows/355812/microsoft-warns-against-installing-windows-10-may-2020
Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
Visit/security/data-breaches/355777/easyjet-faces-class-action-lawsuit-over-data-breach
data breaches

EasyJet faces class-action lawsuit over data breach

26 May 2020
Visit/security/cyber-security/355797/microsoft-bans-trend-micros-rootkit-buster-from-windows-10
cyber security

Microsoft bans Trend Micro driver from Windows 10 for "cheating" hardware tests

27 May 2020