Abstract
This work addresses fundamental questions about the nature of cybercriminal organization. We investigate the organization of three underground forums: BlackhatWorld, Carders and L33tCrew to understand the nature of distinct communities within a forum, the structure of organization and the impact of enforcement, in particular banning members, on the structure of these forums. We find that each forum is divided into separate competing communities. Smaller communities are limited to 100–230 members, have a two-tiered hierarchy akin to a gang, and focus on a subset of cybercrime activities. Larger communities may have thousands of members and a complex organization with a distributed multi-tiered hierarchy more akin to a mob; such communities also have a more diverse cybercrime portfolio compared to smaller cohorts. Finally, despite differences in size and cybercrime portfolios, members on a single forum have similar operational practices, for example, they use the same electronic currency.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Afroz, S., Caliskan-Islam, A., Stolerman, A., Greenstadt, R., McCoy, D.: Doppelgänger finder: Taking stylometry to the underground. In: IEEE Symposium on Security and Privacy. IEEE (2014)
Afroz, S., Garg, V., McCoy, D., Greenstadt, R.: Honor among thieves: a commons analysis of cybercrime economies. In: eCrime Researcher’s Summit. APWG, IEEE (2013)
Blei, D.M.: Probabilistic topic models. Commun. ACM 55(4), 77–84 (2012)
Blondel, V.D., Guillaume, J.L., Lambiotte, R., Lefebvre, E.: Fast unfolding of communities in large networks. J. Stat. Mech. Theory Exp. 2008(10), P10008 (2008)
Bonacich, P.: Technique for analyzing overlapping memberships. Sociol. Methodol. 4, 176–185 (1972)
Brenner, S.W.: Organized cybercrime-how cyberspace may affect the structure of criminal relationships. North C. J. Law Technol. 4(1), 1–50 (2002)
Décary-Hétu, D.: Information exchange paths in irc chat rooms. In: Morselli, C. (ed.) Crime and Networks, pp. 218–230. Taylor & Francis Group, New York (2014)
Décary-Hétu, D., Leppänen, A.: Criminals and signals: An assessment of criminal performance in the carding underworld. Security Journal (2013)
Dunbar, R.: You’ve got to have (150) friends. The New York Times, The Opinion Pages (2010)
Dunbar, R.I.: Neocortex size as a constraint on group size in primates. J. Hum. Evol. 22(6), 469–493 (1992)
Dupont, B.: Skills and trust: a tour inside the hard drives of computer hackers. In: Morselli, C. (ed.) Crime and Networks, pp. 195–217. Taylor & Francis Group, New York (2014)
Finckenauer, J.O.: Problems of definition: what is organized crime? Trends Organized Crime 8(3), 63–83 (2005)
Franklin, J., Perrig, A., Paxson, V., Savage, S.: An inquiry into the nature and causes of the wealth of internet miscreants. In: ACM Conference on Computer and Communications Security, pp. 375–388 (2007)
Hagberg, A., Swart, P., S Chult, D.: Exploring network structure, dynamics, and function using networkx. Technical report, Los Alamos National Laboratory (LANL) (2008)
Herley, C., Florêncio, D.: Nobody sells gold for the price of silver: dishonesty, uncertainty and the underground economy. In: Moore, T., Pym, D., Ioannidis, C. (eds.) Economics of Information Security and Privacy, pp. 33–53. Springer, US (2010)
Holt, T.J., Strumsky, D., Smirnova, O., Kilger, M.: Examining the social networks of malware writers and hackers. Int. J. Cyber Criminol. 6(1), 891–903 (2012)
Hunt, S.D., Morgan, R.M.: The comparative advantage theory of competition. J. Mark. 59(2), 1–15 (1995)
Jennings, W.P.: A note on the economics of organized crime. East. Econ. J. 10(3), 315–321 (1984)
Jones, E., Oliphant, T., Peterson, P.: Scipy: Open source scientific tools for python (2001). http://www.scipy.org/
Kanich, C., Kreibich, C., Levchenko, K., Enright, B., Voelker, G.M., Paxson, V., Savage, S.: Spamalytics: an empirical analysis of spam marketing conversion. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 3–14. ACM (2008)
McCoy, D., Pitsillidis, A., Jordan, G., Weaver, N., Kreibich, C., Krebs, B., Voelker, G.M., Savage, S., Levchenko, K.: Pharmaleaks: understanding the business of online pharmaceutical affiliate programs. In: Proceedings of the 21st USENIX Conference on Security Symposium, pp. 1–16. USENIX Association (2012)
Meyer, G.R.: The social organization of the computer underground. Technical report, DTIC Document (1989)
Monsma, E., Buskens, V., Soudijn, M., Nieuwbeerta, P.: Partners in Cybercrime. An Online Cybercrime Forum Evaluated From a Social Network Perspective. Ph.D. thesis, Thesis in Sociology and Social Research, Universiteit Utrecht, Netherlands (2010)
Moore, T., Clayton, R., Anderson, R.: The economics of online crime. J. Econ. Perspect. 23(3), 3–20 (2009)
Morselli, C., Giguère, C., Petit, K.: The efficiency/security trade-off in criminal networks. Soc. Netw. 29(1), 143–153 (2007)
Motoyama, M., McCoy, D., Levchenko, K., Savage, S., Voelker, G.M.: An analysis of underground forums. In: Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference, pp. 71–80. ACM (2011)
Peretti, K.K.: Data breaches: what the underground world of carding reveals. Santa Clara Comput. High Technol. Law J. 25(2), 375–413 (2008)
Sparrow, M.K.: The application of network analysis to criminal intelligence: an assessment of the prospects. Soc. Netw. 13(3), 251–274 (1991)
Xu, J.J., Chen, H.: Crimenet explorer: a framework for criminal network knowledge discovery. ACM Trans. Inf. Syst. (TOIS) 23(2), 201–226 (2005)
Yip, M., Shadbolt, N., Webber, C.: Structural analysis of online criminal social networks. In: IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 60–65. IEEE (2012)
Yip, M., Shadbolt, N., Webber, C.: Why forums?: an empirical analysis into the facilitating factors of carding forums. In: Proceedings of the 5th Annual ACM Web Science Conference, pp. 453–462. ACM (2013)
Yip, M., Webber, C., Shadbolt, N.: Trust among cybercriminals? Carding forums, uncertainty and implications for policing. Policing Soc. 23(4), 516–539 (2013)
Acknowledgment
We thank the anonymous reviewers and our shepherd Jens Grossklags for their valuable feedback. We are grateful to Damon McCoy for providing us access to the dataset. This work is supported by Intel through the ISTC for Secure Computing and National Science Foundation CNS-1347151.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Garg, V., Afroz, S., Overdorf, R., Greenstadt, R. (2015). Computer-Supported Cooperative Crime. In: Böhme, R., Okamoto, T. (eds) Financial Cryptography and Data Security. FC 2015. Lecture Notes in Computer Science(), vol 8975. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-47854-7_3
Download citation
DOI: https://doi.org/10.1007/978-3-662-47854-7_3
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-47853-0
Online ISBN: 978-3-662-47854-7
eBook Packages: Computer ScienceComputer Science (R0)