SecurityBrief US - Technology news for CISOs & cybersecurity decision-makers

Report explores Russian cyber underground's global impact

Mon, 14th Apr 2025

Trend Micro has published a comprehensive research paper analysing the influence of geopolitical events on the Russian-speaking cyber underground and its impact on global cybercrime.

The research paper delves into several significant developments within this digital domain, examining how the landscape has been reshaped by various factors such as the long-term impacts of the pandemic, mass breaches, advances in ransomware, and the rise of artificial intelligence (AI) and Web3 technologies. It also considers the exposure of biometric data as cyber threats evolve.

The Russian-speaking cyber underground is portrayed as an organised and culturally distinct network. Its members abide by codes of ethics and utilise reputation systems. The community is described as both resilient and sophisticated, with its operations mirroring those of legitimate enterprises.

Vladimir Kropotov, Principal Threat Researcher at Trend Micro and co-author of the report, commented, "This isn't just a marketplace, it's a structured society of cybercriminals where status, trust, and technical excellence determine survival and success."

Fyodor Yarochkin, also a Principal Threat Researcher at Trend Micro and co-author of the research, added, "The Russian-speaking underground has cultivated a distinctive culture that blends elite technical expertise with strict codes of conduct, reputation-based trust systems, and collaboration that rivals legitimate enterprises. This isn't just a collection of criminals, it's a resilient, interconnected community that has adapted to global pressure and continues to shape the future of cybercrime."

The paper highlights key rising criminal operations in the Russian-speaking underground, such as ransomware-as-a-service, phishing campaigns, and account brute forcing. It also discusses monetising stolen Web3 assets, intelligence gathering services, and privacy exploitation.

According to the researchers, geopolitical changes have also had a considerable impact on the cyber underground. Vladimir Kropotov noted, "Geopolitical shifts have rapidly transformed the cyber underground. Political conflicts, rising hacktivism, and changing alliances have eroded trust and reshaped collaboration, spurring new ties with other groups, including Chinese-speaking actors. Spill-over into the EU is growing."

The paper stresses the urgency of understanding the sophisticated methods used by these cybercriminals, especially as they increasingly incorporate advanced technologies such as AI and Web3.

As part of Trend Micro's long-standing Cybercrime Underground research series, this document provides valuable insights for threat intelligence communities, business leaders, law enforcement, and cybersecurity professionals. It is a critical resource for those tasked with safeguarding essential infrastructure, enterprise assets, and national security from evolving digital threats.
