Evolution of Cybercrime
Cybercrime
Use the timeline below to journey through the years of public-private partnerships in the fight against cybercrime.
DOWNLOAD FULL REPORT
The Carding Era
The cybercriminal underground could have started with Russian carding forums and marketplaces where criminals offered stolen payment card details to anyone who wished to carry out identity theft and phishing attacks. Payment card owners were usually subjected to phishing attacks that gave cybercriminals unrestricted access to their personally identifiable information (PII). Stolen details were sold to other criminals who then produced fake payment cards. Probably the biggest of such sites was CarderPlanet, which was founded in 2001 by Dmitry Ivanovich Golubov, along with Roman Vega and Vladislav Anatolievich Horohorin.
-
2000
-
2001
-
200203-2003
March 2003
- CarderPlanet don, Vega (aka Boa/Roman Stepanenko/Randy Riolta/RioRita) was arrested in Cyprus and extradited to the U.S.
- U.S. Secret Service
-
2003
-
200410-2004
October 2004
- 28 criminals involved in CarderPlanet and similar networks were arrested (21 in the U.S. and 7 in 6 different countries)
- U.S. Secret Service and partners
-
200507-2005
July 2005
- CarderPlanet founder, Golubov (aka Script), was arrested
- U.S. Secret Service and Ukrainian authorities
-
2006
-
200708-2007
August 2007
- Maksym Yastremskiy (aka Maksik) was arrested in Turkey
- U.S. Secret Service and Turkish authorities
-
2008
-
2009
-
201003-2010
25 March 2010
- Shadowcrew mastermind, Albert Gonzalez, was sentenced to 20 years in prison
- U.S. Secret Service
08-201027 August 2010
- CarderPlanet don, Horohorin (aka BadB), was arrested in France and extradited to the U.S.
- U.S. Secret Service and French authorities
The Year of Data Breaches
2011 was dubbed the "Year of Data Breaches," as the world witnessed organizations succumb to targeted breach attacks and lose what we call the new digital currency—information. The year was particularly challenging for the security industry, as several breached organizations soiled their reputations by losing confidential information and spending huge sums of money to fix damages. Victims like RSA and Sony PlayStation were left with no other choice but to publicly disclose facts about the attacks against their infrastructure so their customers could ensure proper mitigation.
-
Jan
-
Apr06-2011
14 June 2011
- Operation Firewall: Shadowcrew criminal, Aleksey Petrov Kolarov (aka APK), was sentenced to 30 months in prison
- U.S. Secret Service and partners
-
Jul
-
Oct11-2011
09 November 2011
- Operation Ghostclick: Esthost/Rove Digital was taken down; Vladimir Tsastsin and 5 other Estonian criminals were arrested
- FBI with Trend Micro and other partners
The Post-PC Era
We declared 2012 the “post-PC era,” as cybercriminals started moving away from previously favored targets to focus instead on attacking Android™, social media platforms, and even Macs. It took Android devices less than three years to reach the volume of threats (led by premium service abusers and data stealers) that it took 14 years for PCs to reach. The question was no longer if a system would be breached, but when, as data breach and targeted attacks became the new norms.
-
Jan
-
Apr
-
Jul
-
Oct
The Year of Online Banking Threats
2013 was a challenging year for users worldwide, as refined online threats posed serious risks to their digital lives. Daily online banking and other financial transactions put users’ private information and wallets at great risk. Online banking malware like ZeuS/ZBOT took center stage in terms of scale. 2013 was also marred by threats like the Black Hole Exploit Kit, mobile malware, and the beginnings of ransomware like CryptoLocker.
-
Jan04-2013
05 April 2013
- CarderPlanet don, Horohorin, was sentenced to 88 months in prison
- FBI and the U.S. Secret Service
05-201303 May 2013
- SpyEye criminal, Hamza Bendellaj (aka Bx1), was arrested in Thailand and extradited to the U.S.
- FBI with Trend Micro and other partners
-
Apr
-
Jul06-2013
01 July 2013
- SpyEye criminal, Aleksandr Andreevich Panin (aka Gribodemon/Harderman), was arrested
- FBI with Trend Micro and other partners
-
Oct12-2013
12 December 2013
- CarderPlanet don, Vega, was sentenced to 18 years in prison
- U.S. Secret Service
The Year of Cyberattacks
2014 showed just how destructive cyberattacks could be to individuals and companies alike. Substantive financial losses and irreparable reputation damage ran rampant. The severity of attacks and their effects revealed one thing—the risk of becoming the next cyberattack victim has intensified. Massive data breaches were aided by point-of-sale (PoS) RAM scrapers. Vulnerability exploit attacks targeting Heartbleed and Shellshock prominently figured as well. Much to the world’s detriment, established processes like two-factor authentication (2FA) also proved susceptible to threats, as evidenced by Operation Emmental.
-
Jan01-2014
29 January 2014
- SpyEye criminal, Panin, pleaded guilty
- FBI with Trend Micro and other partners
-
Apr05-2014
22 May 2014
- SpyEye accomplice, James Bayliss (aka jam3s), was arrested in the U.K.
- U.K. National Crime Agency (NCA) and Trend Micro
-
Jul
-
Oct
The Year of Big Botnet Busts
2015 was a great year for the good guys, as it was marked by several successful global takedown and cybercriminal arrest activities. The takedown of long-standing botnets—Beebone/AAEH, SIMDA, Bugat/Cridex/Dridex—and criminal enterprises—Esthost/Rove Digital and reFUD.me—proved that cybercriminals were not above the law. Though tried-and-tested threats (zero-day exploits and malvertising tools like Superfish) continued to attack the simplest of blind spots that left individuals and organizations exposed, public-private partnerships (PPPs) between law enforcement agencies and security practitioners remained steadfast in keeping the world cybersecure.
-
Jan
-
Apr
-
Jul07-2015
08 July 2015
- Esthost/Rove Digital criminal, Tsastsin, was sentenced to 87 months in prison
- FBI with Trend Micro and other partners
-
Oct10-2015
13 October 2015
- Bugat/Cridex/Dridex Botnet was taken down and criminal, Andrey Ghinkul (aka Andrei Ghincul or Smilex) was arrested
- FBI with Trend Micro and other partners
11-201523 November 2015
- reFUD.me and Cryptex Reborn were shut down and Goncalo Esteves (aka KillaMuvz) was arrested
- U.K. NCA and Trend Micro
The Year of Digital Extortion
2016 was an unprecedented year for cybersecurity in the enterprise space. It was indeed the year of online extortion, with ransomware leading the charge. Business email compromise (BEC) likewise raked in huge profits for cybercriminals while proving that social engineering was still very effective. Vulnerabilities in widely used platforms, including Supervisory Control and Data Acquisition (SCADA) systems, also surpassed volume records. 2016 was also marred by the biggest reported data breach in history while other organizations felt the effects of poor Internet of Things (IoT) security ushered in by the Mirai botnet attack.
-
Jan04-2016
20 April 2016
- SpyEye creators, Panin and Bendelladj, were sentenced to a combined 24 years and 6 months in prison
- FBI with Trend Micro and other partners
-
Apr
-
Jul08-2016
05 July 2016
- Notorious PoS device hacker, Roman Valerevich Seleznev (aka Track2/Bulba/nCuX/psycho), was arrested
- U.S. Secret Service
08-201601 August 2016
- BEC scam mastermind, "Mike," was arrested
- INTERPOL with Trend Micro and other partners
25 August 2016
- Notorious PoS device hacker, Seleznev, was found guilty of charges
- U.S. Secret Service and partners
-
Oct12-2016
05 December 2016
- Avalanche criminal network was taken down
- FBI with Trend Micro and other partners
The Year of Global Ransomware Outbreaks
2017 saw massive ransomware outbreaks turn into global events that cost enterprises billions of dollars. Familiar threats like BEC scams continued to be a consistent danger for enterprises as well. In addition, volatile cryptocurrencies disrupted the threat landscape, as their value steeply and quickly rose. To function, cybercriminals reworked old techniques to take advantage of the cryptotrends and tried to exploit known vulnerabilities in new ways.
-
Jan01-2017
13 January 2017
- Limitless Keylogger author, Zachary Shames, pleaded guilty
- FBI with Trend Micro and other partners
03-201709 March 2017
- Trend Micro-INTERPOL joint research effort, "Cybercrime in West Africa: Poised for an Underground Market"
-
Apr04-2017
21 April 2017
- Notorious PoS device hacker, Seleznev, was sentenced to 27 years in prison
- U.S. Secret Service
24 April 2017
- ASEAN crackdown on cybercrime ensued
- INTERPOL with Trend Micro and other partners
05-2017May 2017
- Scan4you criminals, Ruslans Bondars (aka b0rland/Borland/Ruslan Bondar/Vasilij Kovalchuk) and Jurijs Martisevs (aka Garrik/Jurijs Bereverovs/Yury Martyshev), were arrested
- FBI and Trend Micro
-
Jul
-
Oct05-2017
26 September 2017
- Second Trend Micro-Europol joint research effort, "Cashing in on ATM Malware: A Comprehensive Look at Various Attack Types"
The Current Reality
In 2018, digital extortion will be at the core of most cybercriminals’ business model. IoT device vulnerabilities will expand the attack surface along with smart environments. BEC scams will ensnare more organizations into forking over their money. The age of fake news and cyberpropaganda will persist with tried-and-tested cybercriminal techniques. Machine learning and blockchain applications will pose both promises and pitfalls. Companies will face the challenge of keeping up with General Data Protection Regulation (GDPR) directives. Not only will enterprises be riddled with vulnerabilities, but loopholes in internal processes will also be abused for production sabotage.
-
Jan01-2018
15 January 2018
- reFUD.me and Cryptex Reborn/Lite author, Esteves, pleaded guilty
- U.K. NCA and Trend Micro
01-201815 February 2018
- reFUD.me and Cryptex Reborn/Lite author, Esteves, was sentenced to 2 years in prison
- U.K. NCA and Trend Micro
-
Apr
-
Jul05-2018
21 September 2018
- Scan4You criminal, Bondars, was sentenced to 14 years in prison
- FBI and Trend Micro
-
Oct
DOWNLOAD FULL REPORT
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
Recent Posts
- Ransomware Spotlight: Ransomhub
- Unleashing Chaos: Real World Threats Hidden in the DevOps Minefield
- From Vulnerable to Resilient: Cutting Ransomware Risk with Proactive Attack Surface Management
- AI Assistants in the Future: Security Concerns and Risk Management
- Silent Sabotage: Weaponizing AI Models in Exposed Containers