SYDNEY, April 9 2024— Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today launched a new research paper, delivering a unique and comprehensive look into the Russian-speaking cyber underground, an ecosystem that has shaped global cybercrime over the past decade.

For the full report, please visit: https://www.trendmicro.com/vinfo/au/security/news/cybercrime-and-digital-threats/the-ever-evolving-threat-of-the-russian-speaking-cybercriminal-underground

Set against the backdrop of a rapidly evolving cyber threat landscape, the research paper explores major trends reshaping the underground economy: the long-term impacts of the pandemic, the fallout of mass breaches and double extortion ransomware, the explosion of accessible AI and Web3 technologies, and the widespread exposure of biometric data. As both cyber criminals and defenders grow more sophisticated, new tools, tactics, and business models are driving unprecedented levels of specialisation within underground communities.

The Russian-speaking underground stands apart as a uniquely organised, highly collaborative, and deeply cultural network of actors operating with their own internal codes of ethics, vetting processes, and reputation systems.

“This isn’t just a marketplace, it’s a structured society of cybercriminals where status, trust, and technical excellence determine survival and success”, said Vladimir Kropotov, co-author of the research and Principal Threat Researcher at Trend Micro.

“The Russian-speaking underground has cultivated a distinctive culture that blends elite technical expertise with strict codes of conduct, reputation-based trust systems, and collaboration that rivals legitimate enterprises,” said Fyodor Yarochkin, co-author and Principal Threat Researchers at Trend Micro. “This isn’t just a collection of criminals, it’s a resilient, interconnected community that has adapted to global pressure and continues to shape the future of cybercrime.”

The research dives deep into key criminal operations gaining momentum in this space, including ransomware-as-a-service schemes, phishing campaigns, account brute forcing, and monetising stolen Web3 assets. Intelligence gathering services, privacy exploitation, and the merging of cyber and physical domains are also examined in detail.

“Geopolitical shifts have rapidly transformed the cyber underground,” said Vladimir. “Political conflicts, rising hacktivism, and changing alliances have eroded trust and reshaped collaboration—spurring new ties with other groups, including Chinese-speaking actors. Spill-over into the EU is growing.”

As geopolitical tensions rise and cybercriminals embrace more advanced technologies like AI and Web3, understanding the inner workings of the Russian-speaking underground has never been more urgent.

Trend’s Russian-speaking Cyber Underground paper – the 50th in its Cybercrime Underground research seriesspanning nearly 15 years – provides unmatched depth and historical context for threat intelligence communities, business leaders, law enforcement, and cybersecurity professionals tasked with protecting critical infrastructure, enterprise assets, and national security.

About Trend Micro

Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fuelled by decades of security expertise, global threat research, and continuous innovation, Trend Micro’s AI-powered cybersecurity platform protects hundreds of thousands of organisations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, Trend’s platform delivers a powerful range of advanced threat defence techniques optimised for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 70 countries, Trend Micro enables organisations to simplify and secure their connected world. www.TrendMicro.com.au.