Cyber-criminals are realising there’s plenty to learn from legitimate business

Cyber-criminals are realising there’s plenty to learn from legitimate business

Cybercrime has grown up. It is now a multi-billion dollar industry bigger than most “traditional crime” and on par with many traditional, non-criminal industries.

The rise of Cybercrime-as-a-service has made hacking easier and more business-like than ever before. Organised cyber-crime gangs have become far more professional and troublesome than any bored lone-wolf. Cyber-criminal markets even do Black Friday-like deals now.

But despite growing up and becoming more organised, it’s still the internet. And trust is always at a premium. According to one Microsoft Research paper, “ever-present rippers who cheat other participants ensure that the market cannot operate effectively”. These cheats – aka Rippers - fail to provide the goods or service for which they’ve been paid, whether that’s a low quality of malicious software, providing fake data dumps, or selling the same information multiple times and therefore reducing the value (especially for bank account information, which may well have limits in place).


Yelp for cybercrime, is a new website designed to help foster trust between cybercriminals and call out those prone to double-crossing their fellow cohorts. Vice called it “Yelp for Cybercrime”, while SC Magazine labelled Ripper as “Rat-as-a-Service” site.

“Fraud between cyber criminals has always been an issue that limited the profitability of their malicious campaigns,” says Michael Marriott, Research Analyst, at security firm Digital Shadows. “Cyber-criminal markets are lemon markets where buyers can’t differentiate low and high quality goods, therefore providing a breeding ground for rippers.”

“Every transaction within the market then comes with a “ripper tax” attached to it, decreasing profits for both legitimate buyers and sellers. This in turn, slows the market down and makes further cyberattacks less lucrative.”


Set up in June of last year, Ripper aims to provide cyber criminals with better visibility of who they are trading with and reduce the likelihood of being ripped off. The database currently contains over one thousand profiles, and includes various contact and identification information, as well as details of the specific scams the perpetrators have pulled. As well as a clean and professional UI, Ripper offers Firefox and Chrome extensions, as well as a jabber (PsiPlus) plugin.

“Criminal marketplaces have for some time copied the ‘eBay model’ of seller feedback to engender trust within their communities and help cut down on the ripper issue. Services like have the potential to remove the ‘ripper tax’ and enable criminal marketplaces to flourish to the detriment of legitimate businesses and the general public.”


Startup mode

Much like any of today’s trendy startups, Ripper is chasing growth, not revenue, in its early days. “ appears to be in ‘start up mode’,” says Marriott, whose company has been keeping track of Ripper and other underground activity. “There is limited advertising and suggestions of a subscription-base model to come but at the moment it is more concerned with attracting a loyal number of users and adding intelligence to the platform in the form of a detailed list of known rippers.”

Cyber-criminals are even embracing the business world’s growing love of Openness. According to Marriot, the people behind Ripper have promised the source code will be open source, and outlined the business model will be ad-driven, at least for the near future.

“It has been open with its roadmap as just as with legitimate online businesses, without understanding how Ripper makes money, the customers won’t trust it.”

While Ripper is dedicated to taking the scammers out of cyber-crime, there are lessons that can be learned for legitimate businesses if they look to use it as a useful resource. If, for example, a particular user is selling data pertaining to your organisation, Ripper can be used to assess their credibility and reputation, and thus gauge how legitimate their claims are.


Mirroring legit businesses

In Digital Shadows’ report on Ripper, the company labels it another way that cyber criminals are looking to monetise services and “mirror legitimate business models”.

“Cybercriminals are realising there’s plenty to learn from legitimate business, whether this is through better marketing or product features,” explains Marriott. “This doesn’t just apply to reputation services, either. Recent ransomware variants such as Spora have an incredibly impressive user interface and business model.”

“Many criminal organisations also have sophisticated support functions including Freephone numbers and online chat capability which in some cases would be the envy of legitimate businesses. We’ve even seen the existence of “PR representatives” for marketplaces who seek to engage with frustrated users on other forums.”


Also read:
Will a cyberwar détente result in businesses facing more cybercrime?
Does hacking pay?
InfoShot: Hacking doesn’t pay
Cybercrime more prevalent than traditional crime in UK
The future of machine learning in cybersecurity: What can CISOs expect?


«The CMO Files: Tim DeBrincat, olloclip


C-suite talk fav tech: Richard Walton, Avirtual»
Dan Swinhoe

Dan is Senior Staff Writer at IDG Connect. Writes about all manner of tech from driverless cars, AI, and Green IT to Cloudy stuff, security, and IoT. Dislikes autoplay ads/videos and garbage written about 'milliennials'.  

  • twt
  • twt
  • Mail

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.


Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.



Should the government regulate Artificial Intelligence?