
    How the Ukraine War Opened a Fault Line in Cybercrime, Possibly Forever

    By justmattg | February 27, 2023

    Russia’s war in Ukraine has shaken cyberspace at every level, from nation-state advanced persistent threats (APTs) on down to low-grade carders on Dark Web forums.

    A new report from Recorded Future highlights the many effects that the Russian invasion of Ukraine, now one year past, has had in cyberspace. Threat actors have been pulled away from their computers. Allies have become enemies. Cybercrime activity has shifted and power structures have been reorganized, not least because people have been physically moving.

    It all amounts to a kind of grand, multifaceted dissolution. A breakdown of the cybercrime state of affairs. Will the digital underworld ever be the same again?

    Cybercriminals Are Moving

    The internet breaks down barriers. Even thousands of miles can’t prevent a hacker in Russia or Ukraine from breaching the database of a corporation in France or Canada. And yet, physical movement in the wake of the war has had lasting impacts on how cybercriminals are operating.

    On one hand, of course, Ukrainians have emigrated from their country en masse.

    “We believe that some threat actor groups based in Ukraine also fled when the war began, similar to their Russian counterparts,” Alex Leslie, associate threat intelligence analyst at Recorded Future, tells Dark Reading.

    The report refers to the case of Mark Sokolovsky, core developer for Raccoon Stealer — an information-stealing malware — who fled Ukraine to avoid conscription.

    “While this is only one case study,” Leslie says, “we believe it is indicative of a larger trend in which threat actors have fled Russia, Ukraine, and even Belarus to avoid conflict.”

    Meanwhile, Russia has been experiencing, as the authors say, a “brain drain,” with IT and cybersecurity professionals leaving the country for neighboring Georgia, Kazakhstan, Finland, and Estonia. Further, the drafting of young men of fighting age has led threat actors from behind screens to the front lines.

    As a result, the country “has begun to deplete its hacker reserves,” Leslie explains. “What we identify is that the overall volume of activities, particularly on Russian cybercriminal forums, marketplaces, and social media channels, has decreased dramatically in waves. These waves being immediately before and after the war began, during waves of mobilization, and coinciding with Russians leaving the country.”

    The reordering of so many lives has led to “a bit more decentralization, both geographically and in terms of hegemonic groups and sources of activity,” Leslie says.

    Cybercriminals Are Fighting One Another

    Cybercriminals come from every corner of the world, but no corner more than Russia and Eastern Europe. Many of the great cyberattacks of history have come courtesy of criminals in Russia and Ukraine. Russian APTs have become notorious for their attacks against Ukraine, but this represents a change: Russian cybercriminals have historically worked hand-in-hand with their comrades across the border.

    This kumbaya attitude was quashed on Feb. 24, 2022, when Russia invaded Ukraine and those on both sides were inspired to pledge allegiances. Most famously, the Conti group fully backed the Putin regime, then retracted, then halfway retracted its retraction. This support for the invasion was, perhaps not coincidentally, accompanied by a giant leak of the Conti source code, setting off a slow demise for Russia’s most prominent ransomware gang.

    “We do not believe that Conti’s dissolution was a direct result of the leaks,” the authors wrote, “but rather that the leaks catalyzed the dissolution of an already fracturing threat group.”

    Far beyond just Conti, cybercrime elements which once worked together have since split over political differences, according to Recorded Future. The authors wrote that “the so-called ‘brotherhood’ of Russian-speaking threat actors located in the CIS [Commonwealth of Independent States] has been damaged by insider leaks and group splintering, due to declarations of nation-state allegiance both in support of and opposed to Russia’s war against Ukraine.”

    All the uprooting and fighting has caused fractures in the very structure of the cybercrime underground, researchers concluded.

    “Russian-language Dark Web marketplaces have taken a major hit,” Leslie claims. “These marketplaces have also fractured and become more diffuse,” a trend compounded by the seizure of the world’s No. 1 cybercrime forum, Hydra.

    He adds, “We speculate that the epicenter of cybercrime may shift to English-speaking Dark Web forums, shops, and marketplaces over the next year.”
