ChannelLife Canada - Industry insider news for technology resellers

Trend Micro explores Russian cyber underground's influence

Today

Trend Micro has published a research paper examining the Russian-speaking cyber underground and its influence on global cybercrime.

The report, titled "Inside the Russian-Speaking Underground: The Frontline of Global Cybercrime," analyses how this ecosystem has evolved in response to recent geopolitical events, changes in cyberattack methods, and the adoption of new technologies, including artificial intelligence and Web3. It also discusses the impact of growing biometric data exposure and the fallout of mass security breaches.

Trend Micro's research traces major trends impacting the underground economy, such as the effects of the COVID-19 pandemic, the rise of double extortion ransomware attacks, and the increasing accessibility of AI-driven tools for both criminals and defenders. The paper notes that the Russian-speaking cyber underground has developed into a highly specialised network, characterised by collaborative communities and organisational structures previously seen mainly in legitimate enterprises.

"This isn't just a marketplace, it's a structured society of cybercriminals where status, trust, and technical excellence determine survival and success," said Vladimir Kropotov, co-author of the research and Principal Threat Researcher at Trend Micro.

Fyodor Yarochkin, co-author and Principal Threat Researcher at Trend Micro, elaborated on the unique attributes of these communities: "The Russian-speaking underground has cultivated a distinctive culture that blends elite technical expertise with strict codes of conduct, reputation-based trust systems, and collaboration that rivals legitimate enterprises. This isn't just a collection of criminals, it's a resilient, interconnected community that has adapted to global pressure and continues to shape the future of cybercrime."

The research paper identifies several criminal operations gaining momentum within these circles, including ransomware-as-a-service, targeted phishing campaigns, brute-force attacks against user accounts, and the monetisation of stolen Web3 assets. The study also highlights the increasing sophistication of intelligence-gathering services, privacy exploitation systems, and the blending of cyber and physical threats.

Geopolitical changes are shown to have a direct impact on the cyber underground, with the report pointing to shifts in political alliances, a rise in hacktivism, and the breakdown of established trust between different groups. These changes are also facilitating new collaborations, notably with Chinese-speaking threat actors, and contributing to the spread of cybercriminal activities into the European Union.

"Geopolitical shifts have rapidly transformed the cyber underground," said Vladimir. "Political conflicts, rising hacktivism, and changing alliances have eroded trust and reshaped collaboration—spurring new ties with other groups, including Chinese-speaking actors. Spill-over into the EU is growing."

The adoption of advanced technologies such as artificial intelligence and Web3 platforms is further driving change in the Russian-speaking cyber underground. The paper argues that these developments are making cybercrime both more scalable and harder to track, highlighting the need for organisations and authorities to develop a deeper understanding of the motivations, cultures, and tactics involved.

The new report is the 50th instalment in Trend Micro's Cybercrime Underground research series, which spans nearly 15 years. The series is intended to inform security professionals, policy makers, and business leaders about global threat intelligence and the latest cybercrime trends affecting both enterprises and national infrastructure.

Trend Micro's findings underscore the importance of ongoing research and international cooperation to counteract the evolving threats posed by cybercriminal organisations operating in the Russian-speaking underground. The paper provides historical context and detailed analysis for use by law enforcement, cybersecurity teams, and business leaders concerned with the protection of critical systems and digital assets.
