Recent research conducted by the cybersecurity firm Digital Shadows provides an interesting insight into the cybercriminal world. Researchers uncovered cybercriminals’ main concerns and their perspective on being arrested and jailed by hunting through underground forums on the dark web.
Tips from the Dark Web
Digital Shadows researchers recently investigated the world of cybercrime and issued their findings in a report published on Monday. The researchers accessed the dark web to see what was being discussed on cybercriminal underground forums. They asked themselves whether cybercriminals feared arrest and being sent to jail, especially keeping in mind recent crackdowns by law enforcement agencies on cybercriminal groups like Emotet and the shutdown of DarkMarket.
Not surprisingly, the researchers found that the topic most discussed on the dark web is how to evade the authorities. The risks of capture by the authorities are many. However, the forums describe the most common pitfalls for cybercriminals as working with others and operational security practices.
It turns out working with others is a two-edged sword. To become a successful cybercriminal and get ahead, hackers need to collaborate with others. However, this could leave a cybercriminal exposed to arrest if the collaborator isn’t strong in ensuring operational security. Furthermore, if the collaborator is caught, then the cybercriminal runs the risk of being betrayed to the authorities. Nonetheless, cybercriminals and cybercriminal groups have been known to join forces. Some have formed affiliations like the Maze cartel before it shut down operations, and the Egregor group.
Operational security is by far the greatest concern to cybercriminals, as this allows them to avoid detection by law enforcement. Underground forums are full of discussions about how to remain anonymous, and advice is shared on best practices for ensuring that their real identities are not exposed.
Another major concern for cybercriminals is mistakes they may have made when they were first starting out, such as “using a spouse’s email address, forgetting to mask their IP, or letting their real name and address slip.” Such errors are near impossible to erase and follow the cybercriminal throughout their career, leaving them open to possible identification.
Russia Best Place to Live
Apparently, for cybercriminals the best place to live is Russia, despite the censorship. The understanding on underground forums is that cybercriminals are safe in Russia as long as they don’t attack Russia or former Soviet Union nations. Digital Shadows reports one forum user as saying: “If you’re working on the Russian Federation, then [law enforcement will] hunt you down, but if you’re working on the EU or the US, then nothing will happen, no one will care.”
However, should cybercriminals want to go abroad for a holiday, for example, then they are likely to find themselves arrested. There are many discussions on Russian-language forums trying to dissuade hackers from travelling abroad. The advice “a Russian resort is better than a US prison” is reportedly often seen on these forums.
The minute cybercriminals cross the Russian border they are open to arrest. The Russian government may leave them alone, but other nations’ governments are not so merciful. One forum user remarked that some cybercriminals living peacefully in Russia had decided to go on a holiday abroad and “that’s it, they don’t even make it out of the airport without the cuffs on.”
Cybercriminals Optimistic in the Face of the Law
Most cybercriminals don’t believe they can avoid getting arrested once their identity has been discovered. However, discussions on Russian-language underground forums indicate that hackers are quite optimistic about avoiding a conviction for their crimes. Not much discussion about this was discovered on English-language forums.
The likely reason for this optimism is the fact that laws worldwide are always having to play catch-up with the constantly changing nature of cybercrime. Digital Shadows states that compared to other crimes “the burden of proof may be much higher, and the specificities of the crime are often too complex for members of the courts to understand, particularly if they don’t have a background in cybersecurity.”
Consequently, cybercriminals are at times allowed to walk free. In recent years, conviction rates for cybercrimes have fallen in Russia. And even Western courts are finding it difficult to convict cybercriminals for their crimes.