Although the general public thinks of underground forums as a place where scams and suspicious dealings are rampant, the opposite is usually true: the threat actors who inhabit these sites often consider their reputation a major asset.
In the past several years, traveling cybercriminals have toured around the world on the cheap, thanks to the fraudulent online transactions involving travel documents, airline and hotel loyalty accounts, and other travel-related services in the underground.
In 2012, we predicted that we would soon see an African underground market take root. Our recent joint research effort with the INTERPOL on the West African threat landscape may just be even greater proof of that.
Research on how the healthcare sector has evolved as a preferred target for cybercriminals, how stolen records are monetized, what types of data are stolen, and how much they're sold for in the underground.
While cybercriminals seem to be shying away from data theft to outright extortion as their main revenue source (cue in ransomware), stealing personal information and using or selling it for further cybercriminal acts is still a serious problem.
This research into the French underground offers a look into a small market that, unlike the North American underground, is well-hidden in the Dark Web.
Do cybercriminals use offshore companies to hide ill-gotten gains? A look into various underground communities show that these services are being offered to cybercriminals too.
An interactive map that shows how each cybercriminal underground scene in each region differ from another: from accessibility, to identity, and product service offerings.