Youngsters are getting into cybercrime and darknet
~3 min read | Published on 2022-12-24, tagged DarkWeb using 640 words.
The number of early age people engaging in internet-related crimes is huge, that's include money mules or even digital piracy and the list goes on. Cybercrime still remains a big threat to business and companies around the world, the internet is on a constant development and the types of crimes evolves together with it.
Alot of internet users know about the deepweb, there's videos, articles and even tv shows about it.
That can explain the rise in popularity among the youngsters users. The tought that is a non-harm crime and don't make too much difference in the society it's what catch their attention, easy money and no side effects.
A good example about it's the netflix show: How to sell drugs online:fast.
The protagonist is Moritz, a teen desesperate to get his girlfriend Lisa back.
Moritz it's a tech nerd, and he hacked lisa and found out her interest in MDMA.
That leads him to work with his friend Lenny to make a website to sell Ecstasy.
This show is based on a real life story. At the age of 19 the german teenager
Maximilian Schmidt - was running a drug internet empire from his bedroom.
He solds kilos of cocaine, marijuana and other illegals through his website "Shiny Flakes". After his arrest he helped working as a consultant in the show and netflix made a documentary telling his story, you can see more about the show here.
Ddos, malware and ransomware can be found as subscription services, easying the acess into cybercrime. You can find phishing kits being selled as $6 dollars on darknet markets and Ddos attacks for less than $500.
The ransomware scene new favorite method is the affiliate model, renting a working
operation and splitting the revenue based on the results and activity. It's pretty easily
to find tutorials or malwares to buy even on the clearnet. The crypto payment system
makes it more easy to trade products and services.
2022 was the year of Gen Z`s hackers, a Uk hacker/ransomware group called Lapsus$ went on a spree
aiming big names on tech like Microsoft, Samsung, Ubisoft and others. The group main motivation was "Kudos" - "doing for d lulz". Lapsus$ main source of communication it's telegram, there they find new people to recruit and post sensitive data of their victims.
The main type of attack is social engineering and sim swapping scam. They get credentials of the target on a enterprise, call the phone provider and report a theft. reroute the sim to their phone, triggs 2FA authentication
and do a password reset. The easy acess to harming tools and the digital nativeness that the youngsters have its a powerful combination, the need for social validation in the internet sphere it's going to contribute the drop in the age of cybercriminals.
This cybercrime world it's not just lulz and money, sometimes you have to pay the price of your actions. Seven teenagers got arrested in connection with the hacker group.
On march 2022, people in the age of 16 and 21 were arrested by the London Police in connection to a investigation into Lapsus$ group.
Companies invest alot of money in security frameworks, platforms and programs. But in the end of the day companies are made of people, and people make mistakes. Even the best technology in the world can't entirely remove the risk of human vulnerability. That's why we need more trained people in that. Companies need to invest in the part of cybersecurity that avoid and analyze those threats, that is what managed detection and response (MDR) does, technology is amazing but we still need people train to fight the threats. Another part of the fight aganst youngster cybercrimes is education about the laws and consequences of their acts on the internet, if put in the right direction their skills can be used to good actions and create new job opportunities.
The rise in darknet popularity
Alot of internet users know about the deepweb, there's videos, articles and even tv shows about it.
That can explain the rise in popularity among the youngsters users. The tought that is a non-harm crime and don't make too much difference in the society it's what catch their attention, easy money and no side effects.
A good example about it's the netflix show: How to sell drugs online:fast.
The protagonist is Moritz, a teen desesperate to get his girlfriend Lisa back.
Moritz it's a tech nerd, and he hacked lisa and found out her interest in MDMA.
That leads him to work with his friend Lenny to make a website to sell Ecstasy.
This show is based on a real life story. At the age of 19 the german teenager
Maximilian Schmidt - was running a drug internet empire from his bedroom.
He solds kilos of cocaine, marijuana and other illegals through his website "Shiny Flakes". After his arrest he helped working as a consultant in the show and netflix made a documentary telling his story, you can see more about the show here.
Rise in rookie attacks
Ddos, malware and ransomware can be found as subscription services, easying the acess into cybercrime. You can find phishing kits being selled as $6 dollars on darknet markets and Ddos attacks for less than $500.
The ransomware scene new favorite method is the affiliate model, renting a working
operation and splitting the revenue based on the results and activity. It's pretty easily
to find tutorials or malwares to buy even on the clearnet. The crypto payment system
makes it more easy to trade products and services.
Youngest threat actors
2022 was the year of Gen Z`s hackers, a Uk hacker/ransomware group called Lapsus$ went on a spree
aiming big names on tech like Microsoft, Samsung, Ubisoft and others. The group main motivation was "Kudos" - "doing for d lulz". Lapsus$ main source of communication it's telegram, there they find new people to recruit and post sensitive data of their victims.
The main type of attack is social engineering and sim swapping scam. They get credentials of the target on a enterprise, call the phone provider and report a theft. reroute the sim to their phone, triggs 2FA authentication
and do a password reset. The easy acess to harming tools and the digital nativeness that the youngsters have its a powerful combination, the need for social validation in the internet sphere it's going to contribute the drop in the age of cybercriminals.
This cybercrime world it's not just lulz and money, sometimes you have to pay the price of your actions. Seven teenagers got arrested in connection with the hacker group.
On march 2022, people in the age of 16 and 21 were arrested by the London Police in connection to a investigation into Lapsus$ group.
What can be done
Companies invest alot of money in security frameworks, platforms and programs. But in the end of the day companies are made of people, and people make mistakes. Even the best technology in the world can't entirely remove the risk of human vulnerability. That's why we need more trained people in that. Companies need to invest in the part of cybersecurity that avoid and analyze those threats, that is what managed detection and response (MDR) does, technology is amazing but we still need people train to fight the threats. Another part of the fight aganst youngster cybercrimes is education about the laws and consequences of their acts on the internet, if put in the right direction their skills can be used to good actions and create new job opportunities.
