Brazen North American Cyber Underground Offers DIY Criminal Wares For Cheap

Inexpensive and easily accessible cybercrime products and services as well as drugs, counterfeit documents, weapons, cater to would-be and existing criminals, new report says.

You dont have to be a stealthy hacker or member of organized crime to buy and sell goods in the North American cyber underground: its a wide open, easily accessible cyber marketplace that makes it easy for anyone to illegally buy weapons, crimeware, and botnets.
What sets the North American underground economy apart from that of Russia and other more stealthy cyber-based crime conduits is that its easy for novices to access -- theres no limited access like in the Russian underground. And that means it makes it easy for anyone to conduct cybercrime or access the tools for physical crime, a new report from Trend Micro has found.
Its more of an Amazon [type] shopping mall for goods and services, a one-stop shop for anything nefarious, says Tom Kellermann, chief cybersecurity officer at Trend Micro.
Many of the underground sites studied by Trend Micro are searchable via the Web. All it takes is the right search query, and a novice can access what he or she needs to perform criminal acts, such as guides for how to use VPNs or TOR for nefarious purposes, and goods and services for cybercrime (stolen payment card information), physical fraud (fake passports), drugs, and even murder. You can get ransomware in the US for $10, Kellermann notes.
But the brazen openness of the North American cyber underground also means its in the sights of law enforcement, a tradeoff the peddlers and buyers seem willing to risk. They get around getting busted by constantly changing up their sites: Although several criminal transactions are done out in the open, they are very fickle. The life span of most underground sites is short. They could be up one day and gone the next. Investigations will have to keep up with this fast pace,
Trend Micros report
says.
Theres also rampant competition among the vendors, which has made the purchase of these wares relatively inexpensive.
[When you think cybercrime, Japan probably isnt top of mind. But like anywhere else, the bad guys there are following the money, and an emerging yet highly stealthy underground economy is growing in Japan. Read
Japans Cybercrime Underground On The Rise
.]
One of the trademark offerings in the North American underground is crypting services, which offer bad guys a way to camouflage their malware from anti-malware systems. They submit their malware, and the providers check it against security tools and then encrypt it such that its no longer detectable. That service is available from $20 for a one-shot deal to $1,000 for a monthly offering.
The Xena RAT Builder crimeware kit is price anywhere from $1 to $50, and offers two levels of customer service: silver ($15) and gold ($20). Gold encrypts it so its undetectable. Would-be cybercriminals can buy a worm from between $7 and $10; botnet or botnet-builder tools for between $5 and $200; ransomware for $10; and the Betabot DDoS tool for $74.
There also are DDoS-as-a-service options, which start as low as $5 for 300 seconds of a 40 gigabits-per-second DDoS attack, to $60 for a 2,000-second 125Gbps DDoS. Bulletproof hosting services are also available for $75 per month.
A phony US passport costs $30, and a phony US drivers license, $145, Trend Micros researchers found.
Theyre [the sellers] trying to enable anyone with criminal intentions. Thats problematic, Trend Micros Kellermann says. It speaks to more crime having a duality to it, and with cyber-components.
Unlike the Russian underground, North Americas has no organizational structure, he says. Germanys is the most sophisticated in operational security … Russia is selling the most zero-days and advanced attack platforms.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Brazen North American Cyber Underground Offers DIY Criminal Wares For Cheap