The Taiwanese multinational security software company, Trend Micro, released a report about Middle East and North African cybercrime. Experts at Trend Micro explained the difference between different underground cybercrime communities such as the American one, the Russian, the Japanese, the Chinese and the Brazilian market.
Trend Micro’s report
According to the security company the marketplaces in those two areas have plenty of malware tools, but it is pretty difficult for an outsider to purchase these kinds of services. Most registration tools require a fee and the Arabic language is a barrier.
The report explains that the Middle Eastern and North African underground cybercrime markets are very cautious and they operate in a similar way to the French underground. They are not like those in North America, customers cannot window-shop. Even viewing links or full forum posts require paying a fee and making an account.
It is not easy to set up an account, the registration process I pretty long and it requires paid membership in bitcoins and knowing the language. There are very few English forums. Once in, most actors do offer for free hacking tools such as malware component and instruction manuals on how to operate them.
Characteristics of the Middle Eastern and North African underground markets
Apart from having a tricky registration, the underground markets in these regions operate under the same ideology and cybercrime. Members cooperate with each other and plan together massive cyber attacks: DDoS attacks and spam campaigns mostly.
Inside the report, the Middle Eastern and North African markets are also regarded as very different from the Russia and Chinese markets which are mostly profit-driven and not following a certain ideology.
Ed Cabrera, Trend Micro’s chief cybersecurity officer, notices that religion plays an important role into these two markets and it influences the way in which users interact or what they sell.