"Traffers Threat: The Invisible Thieves"
Traffers, also known as "workers," are cybercriminals who redirect Internet users' network traffic to malicious content that they operate, which is usually malware. Traffers typically work in teams to compromise websites to hook traffic and direct it to malicious content. They may also create websites with the same purpose. According to Sekoia researchers who have monitored Russian-speaking cybercrime forums, the traffer ecosystem comprises both highly skilled profiles and new profiles, making it an appealing starting point for those new to cybercrime. They discovered that the "lolz Guru" underground forum, in particular, shows constant new creation of traffer teams, with between five and 22 new traffer teams created every month of 2022 thus far. A traffer team may evolve and reorganize, merge with other teams, or restart from the beginning, making it difficult to assess their longevity of them. According to one traffer team administrator, it cost him $3,000 to create a traffer team of 600 people before selling it. In May 2022, a traffer team dubbed "Moon Team" was priced at $2,300. In a typical team, Traffers are led by one or more team administrators, who also manage malware licenses and the analysis and sale of logs collected by the traffers. Most of traffers' activity consists of redirecting Internet users to malware, 90 percent of which are information stealers. The malware may steal valid credentials for online services, mailboxes, cryptocurrency wallets, or credit card information. The team administrators sell those logs to other cybercriminals who profit from this data. This article continues to discuss researchers' observations of traffers' activities.
TechRepublic reports "Traffers Threat: The Invisible Thieves"