Sophisticated government spying tools are spreading like wildfire in the underground criminal market. As a result, amateur hackers are being mistaken for high-profile government groups.
Symantec Security, a leading security research firm, raised this concern in a recent blog post.
Researchers highlighted the case of a Russian cybercriminal whom Symantec analysts nicknamed Igor. Igor used complex malware to infiltrate the networks of large companies. Called Trojan.Bachosens, the malicious software was predominantly used by nation-state actors, which confused researchers working on the case.
“The malware in question, Trojan.Bachosens, was so advanced that Symantec analysts initially thought they were looking at the work of nation-state actors,” said Jon DiMaggio, an espionage researcher, during a phone interview with Reuters earlier this week. “Further investigation revealed a 2017 equivalent of the hobbyist hackers of the 1990s.”
Unlike amateur hackers who resort to “spray and pray” methods, Igor carried out targeted attacks on international establishments, including an airline company and a China-based automotive technology business. Researchers believe the cybercriminal was seeking large financial payouts.
In the attack on the Chinese auto-tech company, Igor targeted car diagnostics platforms, which he could sell on the black market at discounted prices (a few hundred dollars, compared to thousands of dollars from legal retail markets).
Surprisingly, the hacker flew under the watchful radar of security analysts for years. The auto-tech company reported the issue back in 2009, while Symantec recently identified the malware in 2014.
The security firm warns that other cybercriminals could be using similar tactics to streamline online attacks.
ShadowBrokers, a notorious hacker group responsible for providing criminals with spying programs and digital tools, is threatening to distribute a handful of government spying tools in July for 100 ZEC ($21,000).
“Attribution is almost never a clean, smoking-gun,” said Paul Vixie, creator of the first commercial anti-spam service.