The Cyber Underground

Criminals are constantly searching for creative new ways to obtain money from banks and customers through fraud and cybersecurity vulnerabilities.

Money Transfer – Exchange Laundering Escrow Payment Processors

Cyber criminals attempt to maintain their anonymity through electronic payment systems and virtual currencies.  They primarily use approved exchangers or money laundering services to receive/retrieve money within these accounts.



Secure, reliable communication is vital for criminals to do business.  Jabber is the prominent method, especially on servers maintained by cyber criminals.


Exploit Kit

Most malware designed for mass infections use an exploit kit to identify and exploit kit to identify and exploit vulnerabilities on victim systems.


Anti-Virus (AV) Checking

Most malware operators use a criminal AV checking service before deployment to check the malware signature against multiple AV companies as a way to maximize infection rates.


Coders – Injects ATS Crypting Packing

Coding services (apart from the development of the malware itself) are required to customize the malware, tailor it for specific targets, and improve the malware’s ability to bypass anti-fraud mechanisms.


Delivery – Pay-per-install Phishing Spam Traffic Ad Networks

There are several services necessary to the malware delivery process.  Spam botnets send out phishing e-mails used to generate infections.  Pay-per-install, ad networks, and traffic are all intertwined and designed to drive victims to compromised Web pages.


Cashout – Mule Leader Cashout Service

Monetization is the most important and risky part of the cuber criminal process due to the connection with the real world.  Using experienced cashout services minimizes risk for developers and maximizes received profit.


Infrastructure – BulletProof (BP) Hosting Dedicated Servers Domain Registration VPN / Proxy

BP Hosting, dedicated servers, and domain registration are all vital infrastructure for hosting infected Web sites, malware, and C2’s.  VPN’s and proxies provide anonymization and facilitate other aspects of their criminal activity.



Criminal forums serve as the marketplace for criminal activity.  Actors use the forum to buy/sell their products or services, make business associates, and to build their reputations.


Categories: Financial Institutions
Post by 4accountadmin on September 22, 2015

Risk Consulting Resources

Cyber Criminals And The Banking Cyber World. Minimize Your Risk!

Phone call for risk consulting

Leverage the breadth and depth of our education, experience and vision to deliver solutions to you.