In these difficult and challenging times, it is helpful to try and look on the “bright side” and perhaps introduce a touch of levity into our massively-adjusted daily lives.
The Coronavirus/COVID-19 pandemic has affected everyone, but on said “bright side” it has also brought disruption to the businesses of cybercriminals. Among those seeing a downturn in trade are vendors of fraudulent and stolen data as well as illicit items like drugs. The strain on “supply”, from a shipping and logistics perspective, along with increased screening and scrutiny within various postal operations and shipping companies has had a very clear effect on illegal operations.
This impact has been felt, especially with online drug and chemical vendors.
In the last week or so, we observed a number of sites being updated to reflect current issues and difficulties surrounding COVID-19.
How COVID-19 Has Disrupted Cybercrime
One of the earliest examples of this phenomenon was the online drug and chemical vendor ‘Pushing Taboo’. The site was forced to announce temporary closure as a result of the Covid-19 pandemic.
Their message was later expanded to provide additional information and guidance. And, similar to any legitimate business, they describe their current contingency plans, including partial refunds and a “massive sale” once things return to normal.
For a vendor that has not ceased operations for the last 8 years, it is remarkable that the current health crisis has done more to disrupt their business than anything else during that time.
Not every vendor is faced with a full shutdown, however. Many are shifting processes and alerting their customers to expect delays in shipments, especially in specific regions where lockdowns and increased package inspection are in place. Cocaine, heroin, and ecstasy vendor ‘cokehero’ updated their site to reflect shipping issues with specific countries:
Criminals with Crocodile Tears?
Illicit businesses are still businesses, and every successful business needs to put its customers first, or at least appear to be doing so. As a result, there is a running theme with most of these. They offer helpful hygiene advice (wash hands, stay inside, etc.) along with their situational update. In the previous example, the vendor ‘cokehero’ goes the extra mile to remind site visitors to wash their hands and disinfect all packages upon receipt. We see similar guidance from other vendors as well.
Below, “MushMerica” reminds customers to wash hands and delay opening packages for approximately one week.
“BlueMagic”, a distributor of Cocaine, bullishly proclaim it’s “Business as usual” for them, but they go on to point out that delivery is dependent on local conditions. Your order will arrive “As soon as your country delivers it!”. And of course, their “Corona Virus Update” ends with a perfunctory “stay safe people”.
Meanwhile, “DutchDrugz”, a supplier of a wide-range of narcotics, issued an update on March 16th informing its customers that distribution had been heavily impacted by lockdowns in the EU and worldwide. The message expresses a note of sympathy for anyone having contracted the virus and reminds customers to “follow advice and stay away from impaired & elderly people”.
Two days later, “DutchDrugz” were forced to post another message stressing that they were still in business, as clearly the first update had backfired and caused a negative impact on their sales:
Online drug dealers are not the only ones feeling the constraints of this global health issue, either. Bettings sites and professional ‘match fixers’ are feeling the effects as well.
In the example below, we see updates from “BettingLeaks 2.0” providing guidance on events that are cancelled or otherwise affected by COVID-19.
The message outlines the problems caused by a lack of live sporting fixtures, and promises refunds where necessary.
At the end of the day, we are all affected by the current COVID-19 outbreak. While we all adjust our daily lives and work to “flatten the curve”, it is nice to know that this health crisis does not discriminate. Criminal enterprises and operations are being impacted in a good way (well…bad for them). Hopefully, this brings a touch of cheer while reading this from your home office, couch or bed. There’s some small comfort to be had from knowing that our usual, anti-social adversaries are feeling the effects of the global pandemic in their pockets. We encourage everyone to continue to follow prescribed guidelines to keep yourselves and your loved ones safe, and as one of the messages above puts it, “hopefully, these dark times end faster than we think”.
Read more about Cyber Security
- Enterprise Employees | 11 Things You Should Never Do at Work (or Home)
- COVID-19 Outbreak | Defending Against the Psychology of Fear, Uncertainty and Doubt
- macOS Malware Researchers | How To Bypass XProtect on Catalina
- COVID-19 Outbreak | Employees Working from Home? It’s Time to Prepare
- Mind Games | The Evolving Psychology of Ransom Notes
- Business Email Compromise | What is BEC (And How Can You Defend Against It)?
- What is Hacktivism? And Why Should Enterprise Care?