Shocking news! It turns out that criminals cannot be trusted.
Of course, it’s obvious, but criminals themselves may be guilty of trusting others too much and being defrauded as a result.
Sophos Researcher Presented There was an investigation at Black Hat Europe this week into so-called “metaparasites” (scammers tricking other scammers).
Matt Wixey and Angela Gunn from Sophos describe their research as follows:
“…a novel study of scammers scamming scammers and hackers hacking hackers in three of the most established and prominent criminal markets. Examine the motives of metaparasites, how the arbitration process works, and how metaparasites affect the culture and operations of the markets in which they operate.
And you can make a lot of money by targeting cybercriminals.
According to Sopbos, cybercriminals have lost more than US$2.5 million to other scammers on three underground forums over the past 12 months.
Fraud can take multiple forms, including fake data breaches, blackmail, backdoor malware, and phishing.
The researchers also found 20 websites created to mimic the criminal marketplace “intended to trick users into charging a $100 ‘activation fee’.”
Oh my god, never mind.
And, perhaps unsurprisingly, there is even evidence that some scammers who have been scammed continue to take revenge by scamming the very person who scammed them (read this to the end). I would appreciate it…).
The problem of cybercriminals manipulating other cybercriminals has become so acute that underground forums even have dedicated “arbitration chambers” aired in the hope that disagreements will be resolved. will be
So this is all very interesting. We like the idea that cybercriminals are tricking each other instead of targeting innocent civilians.
According to researchers, yes:
“Metaparasites inadvertently provide analysts with the benefit of intelligence that would otherwise remain hidden in sales, operations, negotiations, identifiers and even market cultures, varying levels of operational security, and deception. Gain unprecedented insight into vulnerabilities to and social engineering.”
But don’t laugh too hard, researchers warn.
As long as those who explore and study the culture of cybercriminals aren’t fooled, I think we can take some comfort from the idea that cybercriminals are scamming each other and not us.
Did you find this article interesting? Follow Graham Cluley on Twitter Also Mastodon To read more about the exclusive content we post.