Security experts have recently reported that cybercriminals are increasingly shifting to using “forgotten” websites to attack users, rather than relying on “illegal tools” such as malicious applications to infiltrate PCs and steal users’ bank accounts, as they did in the past.
It can be said that these types of websites have now seemingly become a “new fertile land” for cybercriminals. The primary reason for this new trend, according to experts, is that using these websites makes it harder to trace their origins.
Jim Melnick, an expert from Idefense, noted that abandoned websites have transformed into hundreds of new bustling “markets” for cybercriminals. “In my opinion, these websites can be compared to low-income areas forgotten by landlords or places for drug dealing. If someone dares to step into a corner of these territories, I am sure they will venture into other corners within that area.”
Financial fraud in 2005 cost consumers and businesses nearly $15 billion, with over 10 million victims falling prey to bank account thieves. Statistics from market research firm Gartner are startling. The hardest hit are businesses, while consumers may receive compensation for their losses, businesses often do not.
Security experts fear that sooner or later, cybercriminals specializing in stealing personal information or bank accounts will turn to harder-to-detect locations—specifically, forgotten websites.
For instance, nowadays, advertisements for software designed to steal personal account information often appear on the least suspicious websites, making it difficult for regulators to detect them.
Melnick from Idefense believes that an increasing number of cybercriminals will turn to forgotten websites after governments around the world focused on cracking down on these criminals last year.
Johannes Ullrich, a researcher at the SANS Institute, stated that cybercriminals can seize a forgotten website to serve their dark purposes for months or even years before they are discovered. Meanwhile, obtaining information about the owners of these websites is often very challenging, as the administrators have removed all personal details. Whenever someone closes a website, cybercriminals will set up a “store” at that address.
“This is truly a serious issue,” Ullrich said. “We can’t do much. It’s like a strong blow to a seawall.”
Meanwhile, security experts attribute the disappearance of several websites to the U.S. government’s decision last year to focus on cracking down and shutting down some cybercriminal websites. This has forced many criminal organizations to seek out forgotten websites to “revitalize” their fraudulent activities.
“It’s all like something wild—like the Wild West for those who want to walk on their own but cannot assert themselves in a criminal organization. A rather simple philosophy.”