The Business of Fraud: Botnet Malware Dissemination


November 12, 2021 • Insikt Group®


Editor’s Note: The following post is an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.

Recorded Future analyzed current data from the Recorded Future® Platform, as well as dark web and open-source intelligence (OSINT) sources, to review botnets (“not-auto buy” botnets) that facilitate nefarious activities by threat actors. This report expands upon findings outlined in “The Business of Fraud: An Overview of How Cybercrime Gets Monetized.” It will be of most interest to anti-fraud and network defenders, security researchers, and executives charged with security and fraud risk management and mitigation.

Executive Summary

Botnets are networks of computers infected by malware (such as computer viruses, keyloggers, and other malicious software) that are controlled remotely by online threat actors to garner financial gain or to launch attacks on websites or networks. When a computer is infected with botnet malware, it communicates with and receives instructions from command-and-control (C2) computers located around the globe. Many botnets are designed to harvest data, such as passwords or phrases, Social Security numbers (SSNs), credit card numbers, addresses, telephone numbers, and other personally identifiable information (PII). The data is then used for nefarious purposes, such as identity theft, credit card fraud, spamming or phishing, website attacks, and malware distribution.

Key Judgments

  • While IcedID has surged in spam volume, TrickBot and QakBot have shown much more consistency in the volume of spam and infection traffic pertaining to fraud purposes since Emotet’s takedown.
  • Financially motivated threat actors, nation-state actors, and APTs in various international regions will continue to use botnets for fraudulent purposes to attack targets.
  • Underground forum courses on how to best use botnets will remain popular among threat actors for the foreseeable future, particularly as the world becomes increasingly digitized.
