Evolution of Cybercrime

A Joint Trend Micro-U.S. Secret Service Research Project
More Than a Decade of Making the World Cybersecure

Use the timeline below to journey through the years of public-private partnerships in the fight against cybercrime.

The Carding Era

2000-2010

The cybercriminal underground could have started with Russian carding forums and marketplaces where criminals offered stolen payment card details to anyone who wished to carry out identity theft and phishing attacks. Payment card owners were usually subjected to phishing attacks that gave cybercriminals unrestricted access to their personally identifiable information (PII). Stolen details were sold to other criminals who then produced fake payment cards. Probably the biggest of such sites was CarderPlanet, which was founded in 2001 by Dmitry Ivanovich Golubov, along with Roman Vega and Vladislav Anatolievich Horohorin.

  • 2000
  • 2001
  • 2002

    March 2003

    • CarderPlanet don, Vega (aka Boa/Roman Stepanenko/Randy Riolta/RioRita) was arrested in Cyprus and extradited to the U.S.
    • U.S. Secret Service
  • 2003
  • 2004

    October 2004

    • 28 criminals involved in CarderPlanet and similar networks were arrested (21 in the U.S. and 7 in 6 different countries)
    • U.S. Secret Service and partners
  • 2005

    July 2005

    • CarderPlanet founder, Golubov (aka Script), was arrested
    • U.S. Secret Service and Ukrainian authorities
  • 2006
  • 2007

    August 2007

    • Maksym Yastremskiy (aka Maksik) was arrested in Turkey
    • U.S. Secret Service and Turkish authorities
  • 2008

    January 2009

    • CarderPlanet don, Vega, pleaded guilty
    • U.S. Secret Service
  • 2009

    May 2009

  • 2010

    25 March 2010

    • Shadowcrew mastermind, Albert Gonzalez, was sentenced to 20 years in prison
    • U.S. Secret Service

    27 August 2010

    • CarderPlanet don, Horohorin (aka BadB), was arrested in France and extradited to the U.S.
    • U.S. Secret Service and French authorities

The Year of Data Breaches

2011

2011 was dubbed the "Year of Data Breaches," as the world witnessed organizations succumb to targeted breach attacks and lose what we call the new digital currency—information. The year was particularly challenging for the security industry, as several breached organizations soiled their reputations by losing confidential information and spending huge sums of money to fix damages. Victims like RSA and Sony PlayStation were left with no other choice but to publicly disclose facts about the attacks against their infrastructure so their customers could ensure proper mitigation.

  • Jan
  • Apr

    14 June 2011

    • Operation Firewall: Shadowcrew criminal, Aleksey Petrov Kolarov (aka APK), was sentenced to 30 months in prison
    • U.S. Secret Service and partners
  • Jul
  • Oct

    09 November 2011

    • Operation Ghostclick: Esthost/Rove Digital was taken down; Vladimir Tsastsin and 5 other Estonian criminals were arrested
    • FBI with Trend Micro and other partners

    November 2011

    • Suvorov pleaded guilty to other charges
    • U.S. Secret Service

The Post-PC Era

2012

We declared 2012 the “post-PC era,” as cybercriminals started moving away from previously favored targets to focus instead on attacking Android™, social media platforms, and even Macs. It took Android devices less than three years to reach the volume of threats (led by premium service abusers and data stealers) that it took 14 years for PCs to reach. The question was no longer if a system would be breached, but when, as data breach and targeted attacks became the new norms.

  • Jan
  • Apr
  • Jul

    18 July 2012

    • Suvorov was sentenced to 7 years in prison
    • U.S. Secret Service
  • Oct

The Year of Online Banking Threats

2013

2013 was a challenging year for users worldwide, as refined online threats posed serious risks to their digital lives. Daily online banking and other financial transactions put users’ private information and wallets at great risk. Online banking malware like ZeuS/ZBOT took center stage in terms of scale. 2013 was also marred by threats like the Black Hole Exploit Kit, mobile malware, and the beginnings of ransomware like CryptoLocker.

  • Jan

    05 April 2013

    • CarderPlanet don, Horohorin, was sentenced to 88 months in prison
    • FBI and the U.S. Secret Service

    03 May 2013

    • SpyEye criminal, Hamza Bendelladj (aka Bx1), was arrested in Thailand and extradited to the U.S.
    • FBI with Trend Micro and other partners
  • Apr

    21 June 2013

  • Jul

    01 July 2013

  • Oct

    12 December 2013

    • CarderPlanet don, Vega, was sentenced to 18 years in prison
    • U.S. Secret Service

The Year of Cyberattacks

2014

2014 showed just how destructive cyberattacks could be to individuals and companies alike. Substantive financial losses and irreparable reputation damage ran rampant. The severity of attacks and their effects revealed one thing—the risk of becoming the next cyberattack victim has intensified. Massive data breaches were aided by point-of-sale (PoS) RAM scrapers. Vulnerability exploit attacks targeting Heartbleed and Shellshock prominently figured as well. Much to the world’s detriment, established processes like two-factor authentication (2FA) also proved susceptible to threats, as evidenced by Operation Emmental.

  • Jan

    29 January 2014

    • SpyEye criminal, Panin, pleaded guilty
    • FBI with Trend Micro and other partners
  • Apr

    22 May 2014

    • SpyEye accomplice, James Bayliss (aka jam3s), was arrested in the U.K.
    • U.K. National Crime Agency (NCA) and Trend Micro
  • Jul
  • Oct

The Year of Big Botnet Busts

2015

2015 was a great year for the good guys, as it was marked by several successful global takedown and cybercriminal arrest activities. The takedown of long-standing botnets—Beebone/AAEH, SIMDA, Bugat/Cridex/Dridex—and criminal enterprises—Esthost/Rove Digital and reFUD.me—proved that cybercriminals were not above the law. Though tried-and-tested threats (zero-day exploits and malvertising tools like Superfish) continued to attack the simplest of blind spots that left individuals and organizations exposed, public-private partnerships (PPPs) between law enforcement agencies and security practitioners remained steadfast in keeping the world cybersecure.

  • Jan

    13 April 2015

    • SIMDA Botnet was taken down
    • INTERPOL with Trend Micro and other partners

    18 April 2015

  • Apr
  • Jul

    06 July 2015


    08 July 2015

    • Esthost/Rove Digital criminal, Tsastsin, was sentenced to 87 months in prison
    • FBI with Trend Micro and other partners
  • Oct

    13 October 2015

    • Bugat/Cridex/Dridex Botnet was taken down and criminal, Andrey Ghinkul (aka Andrei Ghincul or Smilex) was arrested
    • FBI with Trend Micro and other partners

    23 November 2015

The Year of Digital Extortion

2016

2016 was an unprecedented year for cybersecurity in the enterprise space. It was indeed the year of online extortion, with ransomware leading the charge. Business email compromise (BEC) likewise raked in huge profits for cybercriminals while proving that social engineering was still very effective. Vulnerabilities in widely used platforms, including Supervisory Control and Data Acquisition (SCADA) systems, also surpassed volume records. 2016 was also marred by the biggest reported data breach in history while other organizations felt the effects of poor Internet of Things (IoT) security ushered in by the Mirai botnet attack.

  • Jan

    12 April 2016


    20 April 2016

    • SpyEye creators, Panin and Bendelladj, were sentenced to a combined 24 years and 6 months in prison
    • FBI with Trend Micro and other partners
  • Apr
  • Jul

    05 July 2016


    01 August 2016

    • BEC scam mastermind, "Mike," was arrested
    • INTERPOL with Trend Micro and other partners

    25 August 2016

    • Notorious PoS device hacker, Seleznev, was found guilty of charges
    • U.S. Secret Service and partners
  • Oct

    05 December 2016

    • Avalanche criminal network was taken down
    • FBI with Trend Micro and other partners

The Year of Global Ransomware Outbreaks

2017

2017 saw massive ransomware outbreaks turn into global events that cost enterprises billions of dollars. Familiar threats like BEC scams continued to be a consistent danger for enterprises as well. In addition, volatile cryptocurrencies disrupted the threat landscape, as their value steeply and quickly rose. To function, cybercriminals reworked old techniques to take advantage of the cryptotrends and tried to exploit known vulnerabilities in new ways.

The Current Reality

2018

In 2018, digital extortion will be at the core of most cybercriminals’ business model. IoT device vulnerabilities will expand the attack surface along with smart environments. BEC scams will ensnare more organizations into forking over their money. The age of fake news and cyberpropaganda will persist with tried-and-tested cybercriminal techniques. Machine learning and blockchain applications will pose both promises and pitfalls. Companies will face the challenge of keeping up with General Data Protection Regulation (GDPR) directives. Not only will enterprises be riddled with vulnerabilities, but loopholes in internal processes will also be abused for production sabotage.

  • Jan

    15 January 2018

    • reFUD.me and Cryptex Reborn/Lite author, Esteves, pleaded guilty
    • U.K. NCA and Trend Micro

    15 February 2018

    • reFUD.me and Cryptex Reborn/Lite author, Esteves, was sentenced to 2 years in prison
    • U.K. NCA and Trend Micro

    13 March 2018

    • Scan4You criminal, Martisevs, pleaded guilty
    • FBI and Trend Micro
  • Apr

    16 May 2018

    • Scan4You criminal, Bondars, was found guilty
    • FBI and Trend Micro
  • Jul

    21 September 2018

    • Scan4You criminal, Bondars, was sentenced to 14 years in prison
    • FBI and Trend Micro
  • Oct
Photo credits: Gonzalez | Stephen Watt; Golubov, Vega, Horohorin, Kolarov, and Seleznev | U.S. Secret Service CID; Suvorov | www.amicusint.org; Tsastsin | Trend Micro FTR
