Part Three - The Criminal Overground

Much attention is paid to the underground economy in the media with a huge focus on the availability of malware on underground and so-called ‘darknet’ forums. These underground services may make a more exciting story, but the recurring theme throughout the past two posts in this series has been the ready availability of commercial tools written without malicious intent which can nonetheless be turned to ill purposes.

Instead of relying on underground sources to provide the payload then simply obfuscating and deploying it using publicly available tools, the reality is that an individual with malicious intent could assemble an effective campaign from ‘off-the-shelf’ products available quite openly on the Internet.

The question is, how much skill is required?

Article Link: https://blogs.forcepoint.com/security-labs/part-three-criminal-overground