Cyber-criminals are increasingly downsizing from selling their wares on large dark web marketplaces in a bid to build trust with buyers, according to McAfee.
The security giant claimed in its latest threat report for Q3 that the trend can also be seen as a response to law enforcement activity. Police effected the major takedowns of Hansa and Alpha Bay in 2017 while marketplace Olympus fell silent in September after a suspected exit scam.
“Cyber-criminals are very opportunistic in nature,” said John Fokker, head of cyber-criminal investigations at McAfee. “The cyber-threats we face today once began as conversations on hidden forums and grew into products and services available on underground markets. Additionally, the strong brands we see emerging offer a lot to cyber-criminals: higher infection rates, and both operational and financial security. ”
The move on the part of these business-minded hackers with strong underground ‘brands’ to set up shop on their own has brought with it a cottage industry in website designers offering to build their digital stores, McAfee claimed.
Elsewhere, the security firm blocked an average of 480 new threats per minute during the three-month period, with IoT malware (73%), cryptomining malware (71%) and new ransomware (10%) all increasing from the previous quarter.
Overall, new malware samples increased 53%, with new macro malware up 32%. It’s no surprise that malware was the most popular attack vector, followed by account hijacking, leaks, unauthorized access and vulnerabilities.
However, instances of new mobile malware declined by 24% in Q3, and McAfee customers reported 36% fewer infections in the quarter.
Data breaches in the financial sector jumped 20% and sextortion scams continued to grow in popularity, driven by Gamut, the top spam-producing botnet.