#privacy: Research reveals rapid increase in monetisation of IoT attacks


A report released by Trend Micro found that cybercriminals are focusing their attention on hacking Internet of Things (IoT) devices.

The “Internet of Things in the Cybercrime Underground” report explained that IoT devices are increasingly being used within homes and businesses to improve user experience and services, which makes them an “irresistible target” for cybercriminals.

The report analysed five underground communities to determine how cybercriminals are abusing and monetising connected devices. 

The results revealed that the Russian- and Portuguese-speaking forums are the most advanced and sophisticated criminal markets. Additionally, financially driven attacks are the most prominent in these forums.

Within these forums, it was found that the cybercriminal activity focused on selling access to compromised devices, such as webcams and printers – so they can be leveraged for attacks. 

The Russian-speaking market thrives on exploits for routers, customised firmware for smart meters, router-based botnets for sale and talks of hacking gas pumps. Within the Portuguese-speaking forum, the report saw requests for information and hacking tutorials but, most interestingly, also ads for services that utilised infected routers and similar devices for further criminal services.

“We’ve lifted the lid on the IoT threat landscape to find that cybercriminals are well on their way to creating a thriving marketplace for certain IoT-based attacks and services,” said Steve Quane, executive vice president of network defense and hybrid cloud security for Trend Micro. 

“Criminals follow the money – always. The IoT market will continue to grow, especially with landscape changes like 5G. While IoT attacks are still in their infancy, we also found criminals discussing how to leverage industrial equipment for the same gain. Enterprises must be ready to protect their Industry 4.0 environments.”

Within the English-speaking forums, plenty of tutorials were identified on how to attack and exploit a variety of devices, with routers and webcams being the most talked-about devices.

The report also identified that the majority of conversations and active monetisation schemes focus on consumer devices. Nevertheless, discussions are taking place on how to compromise connected industrial devices. To monetise attacks against industrial devices, digital extortion attacks that threaten production downtime would have to be conducted. 

“Besides webcams, routers, and printers, we noticed an interest in other less common devices. For instance, we saw a forum where users shared “aztarna,” an automated discovery tool for industrial robots that is commonly used for legitimate purposes. These kinds of requests are sparse, but they certainly do exist,” the report wrote.

The report concluded: “As more devices with better capabilities connect to the internet, cybercriminals will keep trying to find new ways of infecting them and make money from those infections.”

