What to prepare for respectable companies when hackers begin to redivide the market
The shadow market for trading personal data and access to IT infrastructure is a phenomenon that cannot be ignored, if only because of the impact on the economy, which loses $ 3.5 billion from hacker attacks. per year. At the end of 2021, instead of the already familiar reports of successful cyber attacks on companies or banks, information about hacked carding forum appeared.
It would seem that good news for data operators, who spend an average of $ 1.5 million on cybersecurity annually. But what is happening in the hacker community most resembles a redistribution of the market with all the ensuing consequences: cyber attacks will soon become more dangerous, and protection against them will become more expensive.
But at the end of 2021, the Carders suddenly came under attack themselves. So, on January 20, the administrator of the verified carding forum reported the hack, on February 16 - the CrdClub carding forum (fraudsters used it for transactions with fake credit card providers), on March, Exploit announced the attacks, and on March the oldest English-language maza forum.
Carding forums are actually exchanges for the sale of cybercriminal goods and services, says Mikhail Robin,technical director of Trend Micro in USA and Germany. Successful attacks on such "exchanges" can mean that the special services have become more active, and the fact that the cybercriminals themselves have started a war without rules for the redistribution of the shadow market. In any case, for respectable data operators, the news about hacked hackers seems good. But it's not that simple. To begin with, the question arises, why do specialists in stealing data from the Internet put their own in it.
Punishing sword in epaulets
But most importantly, after the attacks on the forums, there were no statements by law enforcement officers about their closure. Moreover, according to the source, the verified copy appeared at a different address, and the Exploit portal has now restored work. On Verified there was an announcement that all users reset passwords, says the analyst of the company cybersecurity Kela Victoria Kivilevich. According to her, CrdClub is now working, and Expoit suspended only the work of the "mirror" in the legal segment of the Internet.
Exposing the participants of the forums, of course, will complicate the work of shadow platforms, experts say. Their users will "flow" to other resources, "which is quite consistent with the tasks of the attackers. Members of hacker groups will behave more cautiously, the expert of the information security department is sure. Respectable companies and banks, in turn, will have to monitor security even more closely and increase budgets for this direction.