Once the domain of outsiders and tech-savvy specialists, hacking has evolved into a diverse market complete with industry verticals, specializations and intense competition that sees groups that aren’t willing to play ball kicked to the curb as more malleable services take their place.
According to Business Insider, in fact, the rise of user-friendly viruses and exploit kits so simple almost anyone could turn to a life of digital ill repute has sparked a kind of customer service war among cybercriminals. Malicious actors face off to offer better support, quicker response times and even money-back guarantees for underhanded activities. It’s official: Things have gotten very, very strange out there.
As noted by Business Insider, one of the first market segments to roll out cybercrime support were the carders — criminals who steal and sell credit card information and the attached personal data. It started around 15 years ago with a major crackdown on carding services, which in turn opened the market for smaller, startup offerings.
To set themselves apart, cybercriminals offered card testing through charity donations along with money-back guarantees if cards didn’t work as advertised. The idea quickly spread to other attack verticals such as ransomware and even marketplaces like AlphaBay.
For example, ransomware creator Jeiphoos — who developed the Encryptor ransomware-as-a-service (RaaS) — inserted a comment and feature request box in his malware package and has since implemented a number of customer suggestions to improve the offering.
AlphaBay, meanwhile, now includes the same kind of seller reviews and vendor ratings users would expect to see on Amazon or eBay. In what can only be described as a kind of bizarro-world mimicry, one AlphaBay patron filed a scam report when the two packages of flour he ordered didn’t contain a Beretta pistol.
Attackers have also taken to offering ongoing support for their products, and some even provide setup services for a small fee, effectively making the moniker of cybercriminal available to anyone willing to surf the Dark Web and spend a little cash.
Despite increased competition among cybercriminals, however, there’s no ceiling predicted for this market in the near future. Time reported that Hyatt Hotels recently discovered a payment processing virus on its system that could result in millions of customer cards being compromised.
NBC News, meanwhile, has a roundup of cyber predictions for 2016. From hacktivism to increased use of ransomware and the threat of a hackable Internet of Things (IoT), there are plenty of sales vectors left for malicious actors to fill and subsequently support. In short, companies should expect an uptick, not a slowdown, as the cybercriminal market looks to enhance the customer experience.
So what’s the takeaway in this strange new cybercriminal landscape? The mastermind responsible for a corporate network shutdown or retail chain hack may not be a tech wizard or prolific malware-maker but rather a disgruntled employee with a little cash, a smartphone and an ax to grind. In a way, it’s almost sad: Hacking has transitioned from a niche market shrouded in secrecy and mystique to just another e-commerce venture, one replete with scams and poor sellers.
The good news? More exploits, kits and other malware in the hands of tech novices means more data for security experts, while the focus on customer service over quick-and-quiet code exchanges makes supportive cybercriminals easier to catch in the act.