Monetization of Cybercrime: It’s All About the Money

The monetization of cybercrime has diversified while deep web credential market activity has been accelerating. Here's why that's serious.
monetzation of cybercrime blog header image

Table of Contents

Over the last year, there has been a marked increase in activity on dark web forums that sell access to compromised networks. A new report released by Lumu titled “Flashcard Report: Monetization of Cybercrime” shows how this increase is more sinister than it appears at first glance.

The Credential-selling Business is Booming

Individual sales of access to compromised networks have increased by 50% in 2021. What’s more, the market has diversified a lot. A couple of years ago, these markets were primarily just selling credit card details; now you can purchase access to remote desktop connections, mail servers, and much more. The already-compromised networks of businesses representing every country and industry can be bought and sold.

Your Network Means Money

Cybercriminals will monetize access to your network however they can, depending on their skills and resources. Among the techniques for turning your network into elicit gains, the easiest is to deploy a cryptomining botnet. But as the cybercriminal digs deeper into your network, they will try to develop an attack that can be more lucrative for them and more damaging for the victim, such as a ransomware attack. If they are not able to develop such an attack themselves, then the access can be sold to another APT group that does have the skills and resources to do so. 

Lumu’s Take on the Monetization of Cybercrime

We’ve seen at Lumu that ransomware attacks never happen in isolation. There is always another type of threat like malware or a botnet that shows up first. The result is that there is no such thing as a ‘minor threat’. One type of compromise can easily turn into another. As Lumu CEO Ricardo Villadiego points out in his article on DarkReading, cryptomining botnets are the ‘canary in the mine’: an early indication that something is very wrong.

We invite you to download the full report “Flashcard Report: Monetization of Cybercrime” for a more detailed look into this phenomenon.

Subscribe to Our Blog

Get the latest cybersecurity articles and insights straight from the experts.

Share this post



Lumu’s RSA Conference Recap

Reading Time: 2 mins Lumu attended RSA Conference 2020, featuring on cybersecurity news sites including Dark Reading,, and CRN.

Conti ransomware group alliances

Conti Ransomware Group: the Alliances Behind the Chaos

Reading Time: 4 mins The Conti Ransomware Group has recently unleashed a series of attacks on nations including Costa Rica, resulting in the declaration of a state of emergency. The key to their success is the network of alliances that they have built with precursor malware operators.