Hackers torn over how to adapt their tactics to the coronavirus pandemic

Some hackers thrive, while the business models of others collapse, and some refrain from exploiting the crisis altogether

The hacking community is said to be split over how to adapt their tactics to the coronavirus crisis, with many thriving off the back of mass-remote working while other groups have seen their business models collapse overnight.

Despite a recent explosion in cyber criminal activity, the picture beneath the surface is far more complex, with different strands undergoing mixed fortunes, and another group of hackers refraining from engaging in any COVID-19-related activity whatsoever. 

Nevertheless, businesses and individuals have certainly felt a crescendo of activity. With many individuals now working from home, and much more work and social activity being conducted online, the level of phishing has climbed sharply, for example.

Although cyber criminals are quickly adapting their operations to the changing world, the reactions among different groups have ranged from excitement to desperation, according to an analysis by Digital Shadows.

“Digital Shadows has observed threat actors operating on cybercriminal forums and marketplaces expressing their worries and a sense of desperation as to how the pandemic will affect their established business models,” the cyber security organisation said.

“Some are urgently trying to adapt their offerings to survive in this vastly changed landscape. Other cybercriminals see an opportunity to profit from mass hysteria and panic or take advantage of the increased online exposure that virus-tackling measures have inadvertently caused.”

With many workers around the UK forced to self-isolate and work from home, there’s been a marked rise in online shopping. Some cyber criminals are exploiting this trend by engaging in more carding activity, also termed the trafficking of payment information, because it’s more difficult to attribute fraud given the sheer rise in the volume of transactions.

Users on high-profile hacking forums have been predicting this trend for some time, and gearing their tools for the inevitable rise in online shopping. One user on a Russian-language platform, for example, observed that “everyone is afraid to go out on the streets” and so they’re choosing what they feel is the safer option.

This is part of a wider trend of cyber criminals enquiring as to how they can exploit the situation for personal gain. Many on exploit forums have also launched well-timed side-ventures that involve selling coronavirus face masks or miracle cures, having previously engaged in selling drugs or carding in the past.

There’s a divide between those pivoting to coronavirus exploits in order to increase their income and those doing it out of necessity given their collapsing business models. Specialist cyber criminal outfits, targeting aspects of work life such as travel or events, have seen revenues dry up overnight.

This form of fraud has been particularly hard-hit, given that people have refrained from flying en masse and that borders are closing around the world. One cyber fraudster offering fraudulent tickets for same-day events posted an update suggesting “everything is closed for 2 weeks” as a result of the cancellation of events.

Another user, who had for years targeted tourism, hotels, and air travel, started a thread headlined “find a job for an old man”.

He noted that “since the world decided to spin up a cool scam codenamed ‘coronavirus’ which will likely lead to another crisis... I am left without earnings for an indefinite period”.#

Not all cyber criminals are joining in with the trend of adapting their businesses to the coronavirus pandemic, however, with some deciding to take a step back entirely from this area for moral reasons.

Digital Shadows research from last month examining the reaction to COVID-19 across the dark web, found that some cyber criminals have been actively discouraging others from exploiting the crisis.

Many suggest that conventional cyber crime is lucrative enough that no pivots are necessary, while others have expressed solidarity with victims and shared personal stories about how coronavirus has affected them and their neighbourhoods.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Security best practices for PostgreSQL

Securing data with PostgreSQL

Download now

Transform your MSP business into a money-making machine

Benefits and challenges of a recurring revenue model

Download now

The care and feeding of cloud

How to support cloud infrastructure post-migration

Watch now

Recommended

Hackers leak data from dark web marketplace
cyber security

Hackers leak data from dark web marketplace

9 Apr 2021
Neo digital transformation
digital transformation

Neo digital transformation

9 Apr 2021
Hackers are using fake messages to break into WhatsApp accounts
instant messaging (IM)

Hackers are using fake messages to break into WhatsApp accounts

8 Apr 2021
Hackers sell $38 million in gift cards on Russian marketplace
hacking

Hackers sell $38 million in gift cards on Russian marketplace

7 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
Data belonging to 500 million LinkedIn users found for sale on hacker marketplace
hacking

Data belonging to 500 million LinkedIn users found for sale on hacker marketplace

8 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021