Russian cyber-gangs produced damages of $790 million

Nov 27, 2015 19:43 GMT

Russia has always had one of the most advanced and sophisticated cybercrime undergrounds in the world, with its market offering products and services that can be anything from DDoS tools to fraud-ready user records and from RATs to zero-day bugs.

A recent Kaspersky report that studied incident data from 2012 to 2015 highlights the fact that vigilante and hacktivist actions are quite rare in Russia's cyber underground, and most of the time, the majority of the gangs are busy with campaigns that can earn them serious profits.

Kaspersky's Computer Incidents Investigation Department (CIID) says that around 95% of all the incidents they analyzed were connected with the theft of money or financial information. Over 330 such incidents were taken into account by Kaspersky when compiling their report.

Successful attacks produced over $790 million / €745 million in damages, and over 160 Russian-speaking suspects were arrested. Out of all the losses, over $509 million / €480 million were damages to companies outside the borders of the former USSR.

Five major cyber-crime syndicates operating in Russia

The Kaspersky Lab team also estimates that up to 1,000 cyber-specialists have been recruited by Russian cybergangs in the past three years and that only around 20 individuals are at the core of these gangs and the tools they use.

Furthermore, the Russia-based antivirus company also concludes that only five major cybercrime units specialized in financial crime are currently operating out of Russia, each with a headcount ranging from 10 to 40 members.

Based on its telemetry data, Kaspersky reports that these groups are attacking targets not only in Russia but also in the UK, US, Australia, France, Germany, and Italy.

As for the actual Russian underground cybercrime market, Kaspersky says that criminals can easily purchase both goods and services at extremely low prices. These vary from offensive hacking software to database dumps, DDoS traffic, spam, anonymity services, and various others.

You can read more details in Kaspersky's Russian Financial Cybercrime: How It Works report.