Cybercrime ecosystem spawns lucrative underground Gig Economy

Over a 30-month period, cybercriminal gangs and threat groups posted more than 200,000 advertisements seeking workers with skills in software development, maintaining IT infrastructure, and designing fraudulent sites and email campaigns.

The demand for technically skilled individuals continues, but it peaked during the coronavirus pandemic, with double the average job advertisements coming during March 2020, the first month of the pandemic, according to a new report from cybersecurity firm Kaspersky. The analysis collected messages from 155 Dark Web forums posted between January 2020 and June 2022, selecting those that mentioned employment — either posted by a cybercriminals groups or sent by individuals seeking work.

The lion’s share (83%) of employment-related posts were threat groups seeking highly skilled workers, including developers (61%), attack specialists (16%), and fraudulent website designers (10%).

Improving defenses have forced attackers to improve their tools and techniques, driving the need for more technical specialists, explains Polina Bochkareva, a security services analyst at Kaspersky.

“Business related to illegal activities is growing on underground markets, and technologies are developing along with it,” she says. “All this leads to the fact that attacks are also developing, which requires more skilled workers.”

The underground jobs data highlights the surge in activity in cybercriminal services and the professionalization of the cybercrime ecosystem. Ransomware groups have become much more efficient as they have turned specific facets of operations into services, such as offering ransomware-as-a-service (RaaS), running bug bounties, and creating sales teams, according to a December report. In addition, initial access brokers have productized the opportunistic compromise of enterprise networks and systems, often selling that access to ransomware groups.

Such division of labor requires technically skilled people to develop and support the complex features, the Kaspersky report stated.

“The ads we analyzed also suggest that a substantial number of people are willing to engage in illicit or semilegal activities despite the accompanying risks,” the report stated. “In particular, many turn to the shadow market for extra income in a crisis.”

Pandemic Caused a Spike

In early 2020, such a crisis caused a surge in activity on Dark Web forums.

To read the complete article, visit Dark Reading.