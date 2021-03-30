30 March 2021 11:47 IST

Underground forum is one of the platforms cybercriminals frequent to discuss a range of topics from operational security to server functioning

A research by cybersecurity firm Digital Shadows shows that the prime talking point on dark web forums is how hackers can avoid being detected by law enforcement agencies.

Underground forum is one of the platforms cybercriminals frequent to discuss a range of topics from operational security to server functioning. Forum users are constantly talking about ways to stay anonymous and sharing recommendations to avoid real-life identities being linked to online activity. Another common topic of discussion is hard drive encryption or erasing. A user said without proper measures, law enforcement “will find whatever takes their fancy.”

Around many topics, the risks of working with others came up many times. A post read, “you can’t have friends on the darknet.” It further warned others to restrict communication as majority of people on the dark web can sell you out.

On the flipside, Digital Shadows found comments claiming they made friends on these forums and developed a solid cybercriminal career thereafter.

An important aspect of a cybercriminal activity is choosing who to target. “One often-quoted tenet of the Russian-speaking cybercriminal community is that law enforcement will leave you alone if you do not target victims in former Soviet Union nations,” Digital Shadows said in the report.

One forum user noted that if you’re working on the Russian Federation, then [law enforcement will] hunt you down, but if you’re working on the EU or the US, then nothing will happen, no one will care.

However, the recent takedown of Emotet by Dutch law enforcement and international partners may suggest otherwise, but the popularity of the view on the forums is telling.

In addition to this, traveling abroad might not help criminals evade the law, the discussions indicate. Many in the Russian-language cybercriminal scene understand that while their governments might leave them alone, they would not be so lucky when venturing abroad.

“[these hackers] live peacefully in Russia, decided to go on holiday abroad – and that’s it, they don’t even make it out of the airport without the cuffs on,” a user commented.

Once the law gets its eye on them, most cybercriminals doubt they could wriggle out of detention once the cops are at the door. Some users on Russian-language forums said that law enforcement would not stop at anything to get information, even sharing graphic anecdotes and police torture. And, unlike other criminals, cyber criminals would not be able to sustain physical punishment.

While some users disagreed, saying that police’s threats are empty and only an idiot would fall for the cops’ bluff.

Even after getting caught, some in the cybercriminal community are pretty bullish about the prospect of actually being convicted of any crime. A user commented that if any dark web

site were compromised, this would only provide law enforcement “the [mere] prospect of identifying entities and facts concerning illegal activities; little can be used in court even if you post about the sale of malware, installs, etc., there can be no proof that it was really you who wrote them.”

Digital Shadows noted that conviction rates for cybercrime in Russia have fallen in recent years. Even in Western countries like the US, it’s notoriously challenging to convict cybercriminals compared to, say, those accused of offline theft or drug dealing.

Many users said that law enforcement and the courts could be corrupted and they must save funds to bribe the right individual. They backed their claims with anecdotes of personal experiences of evading prosecution through paying people off.

Despite all the methods, strategies and ways to evade the law enforcement, threat actors’ discussion suggests that the threat of prosecution is real in the minds of cybercriminals.