“The French Underground: Under a Shroud of Extreme Caution”, another interesting report published by Trend Micro on illegal activities in the Dark Web.
The dark web is a privileged place where hackers and criminals offer for sale or for rent any kind of illegal product and services. The moth popular Dark Net, the Tor network, host numerous black markets where it is possible to find any kind of product, including drugs, weapons, and malicious codes.
Cedric Pernet, a threat researcher at Trend Micro, have discovered that a group of French hackers is selling concealed weapons including so-called pen guns. The weapons fire .22 Long Rifle bullets and are offered for sale on highly secretive crime forums.
The weapons are being sold for €150 (US$169), the sellers also published a video that shows how the pen guns work.
The same hackers are also offering for sale concealed weapons like knuckle dusters and knives.
The security expert explained that the concealed weapons are a prerogative of some French crime forums where it is possible find other strange goods, including euthanasia kits.
“Pernet finds the concealed weapons are unique to the French crime forums, along with euthanasia kits, and bank account registration services which help criminals outsource the tremendous risk stemming from France’s requirement that accounts be opened in person at branches.” reported ElReg. “French criminals are also willing to cop traffic infringement demerit points and have their details put down as a nominated driver, for a price.”
The offer, of course, includes also classic goods and services including, exploit kits, payment card data, drugs, and data dumps.
According to the expert, a distinctive sign of the French criminal underground is the high levels of identity vetting, differently from other criminal ecosystems it is very secretive and it is hard for wannabe criminals to enter the crime ring.
This characteristic is opposite to the approach of the North America criminal communities as explained Trend Micro is a previous analysis.
“It doesn’t exist in the dark web as much as other undergrounds do, or practice as much security,” ,”Essentially, it’s become a gun show for everyone as long as they can participate and are willing to pay.” says Tom Kellermann, chief cybersecurity officer at Trend Micro.
“The North American Underground primarily caters to customers within the region–users based in the United States (US) and Canada. Unsurprisingly, most of the offerings (stolen accounts, products and services, and fake documents) are US based. This is consistent with what we see in the Japanese1 and Brazilian2 undergrounds and suggests that US-based information is most sought after in it.” states the report.
Crooks in the French underground hide their activities in the dark web, french black markets enforce mandatory five percent commission escrow payments in order to avoid scams.
The dimension of the French underground community has been estimated of some 40,000 hackers, according to the Gendarmerie Nationale and Police Nationale, the turnover for the many crime forums of approximately of €5 – €10 million a month.
“Overall, the French underground is a small market that caters more to niche requirements for committing fraud against the French-speaking victim base. It operates under a shroud of caution. Its players are not only wary of law enforcement agencies that implement stringent cybercrime laws, but even of players (forum/marketplace/autoshop administrators/members) who may be working with the former. Amid such seemingly blinding lights shining on it, is the French underground bound to thrive like its big brothers? And if it does, what can the security industry do about it?” Pernet wrote in report titled “The French Underground: Under a Shroud of Extreme Caution“
In French, many individual or criminal groups operate their own markets, dubbed “autoshops” hosted on the dark web. They advertise autoshops on various marketplaces and forums and directly deals with potential customers and buyers.
“There are roughly three ways for fraudsters to sell illicit goods and services in the French underground. Some simply advertise their wares in popular marketplaces. Others prefer to stay well under the radar, not advertising but profiling potential buyers then more directly approaching them. But probably most common and, arguably unique to France, is by running so-called “autoshops,” small online shopping places owned and operated by the sellers themselves” reads the report on the French Underground.
Autoshops are very popular in the French underground, for this reason, some cybercriminals earn by providing autoshop-creation services (good example of crime-as-a-service). Just €400 are sufficient to start an autoshop on Internet (both Dark and Serface web). The services take care of everything aspect, including domain registration, installation and hosting, customization, and even backup.
Let’s close with a consideration of Payment systems more popular in the French underground, Bitcoins and Prepaid Card Services (PCS).
Bitcoin offer a reasonable level of anonymity, are easy to obtain and transfer without the need for proper identification.
PCS cards are prepaid payment cards that can be bought anywhere in France. Criminals can buy them online or physically in stores where some merchants don’t even require them to provide proper means of identification (ID).