Advertisement

Everything must go: Cybercriminal forums offer discounts during pandemic

The cybercriminal economy is adapting to a health crisis that has affected people’s spending habits around the world.
cybercrime hacker forums

Countless legitimate businesses are offering discounts or altering their services to turn a profit during the coronavirus pandemic. Cybercriminal forums are no different.

More than 500 posts on forums tracked by cybersecurity company Group-IB have advertised promotional codes and discounts during the pandemic on distributed denial of service (DDoS) attack tools, spamming, and other services.

It’s an example of how the economy for cybercriminal services — worth, according to one estimate, $1.6 billion annually — is adapting to a health crisis that has changed spending habits around the world.

“Due to the current situation in the world, we provide a 20% discount on all our services with a promotional code: COVID-2019 until the end of April,” read one criminal forum posting found by Group-IB, which was originally in Russian. Another post offered customer service around the clock. “The prices are very favorable during the coronavirus epidemic.”

Advertisement

The Group-IB data fits a larger picture. Multiple threat intelligence companies told CyberScoop they were seeing underground forums slash prices or offer free trials to attract customers. That includes a notorious provider of “bulletproof” web-hosting services, which make it easier to distribute spam. The Russian-speaking seller is touting a free week of services, according to Vitali Kremez, head of SentinelLabs, the research division of cybersecurity company SentinelOne.

A screenshot of an underground ad for a spamming tool offered for a “special price during COVID-19 situation”

It is not just hacking tools that are on sale. The fruits of those tools’ use, such as stolen credit card data, are also marked down.

“Wary of slowing cybercriminal demand for such data, most of the major dark web vendors began offering steep discounts in the last week of February and the beginning of March,” said Andrei Barysevich, CEO of dark-web intelligence firm Gemini Advisory. “Some discounts reached as high as 30 to 40%.”

Like other types of hackers, cybercriminals have altered their tactics to exploit fears around COVID-19. There hasn’t been a noticeable increase in overall cybercrime, just a jump in pandemic-themed phishing and scamming, according to U.S. and U.K. authorities.

Advertisement

The extent to which law enforcement officials crack down on this shift remains to be seen. U.S. Attorney General William Barr has vowed to make it a priority, and the Department of Justice recently shut down a website peddling COVID-19-related fraud. But prosecutors will struggle to catch every single scammer, making where they spend resources an important decision.

“I don’t think most people realize how much cybercriminal services have become professionalized,” said Allan Liska, a ransomware expert at threat intelligence company Recorded Future. “While they are focused on criminal activity, this is still a nine-to-five-type job for many of these people.”

“Just like other professions, they are having to adapt to fewer potential customers,” Liska added. “But unlike other professions, most of us would be happy to see them go out of business because of COVID-19.”

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts