Crimeware Explained

Everything you need to know about crimeware...


Cybercriminals have many tools they can use to cause havoc. Whether they want to steal a victim’s money or personal information, or use other people’s resources without their knowledge, in many cases there’s an app for that. All these tools, both software and hardware, are known as crimeware. In this article, we’ll explain what crimeware is and how you can protect yourself from it. Let’s start by defining the term, shall we?

Crimeware 101

Crimeware is a malicious piece of code designed to aid criminal activities on the internet. It can be either a single app or a set of apps that help criminals steal personal information, take control of the infected device, or automate their nefarious activities, such as phishing. In that sense, any malware can be crimeware if it’s used for illegal purposes, but not all crimeware is necessarily malware. This is because crimeware can be any software built for illicit activities, such as software kits for phishing attacks.

Typically, crimeware is associated with software-based attacks, but it can also be hardware-based. For instance, criminals can connect hardware keyloggers to steal passwords in a workplace or use packet sniffers for man-in-the-middle attacks on public Wi-Fi networks.

How does crimeware work?

Generally speaking, most crimeware works like malware. Your device gets infected when you click links in an email or download a file from a malicious or fake website. Also, it is possible to get infected by visiting a compromised website or using outdated software.

After a crimeware app has been installed on your device, it can:

  • Observe your activities or log your keystrokes in the background, allowing criminals to get your passwords, credentials to online bank accounts, and/or other sensitive data.
  • Use your computer for malicious purposes, like employing it as a bot for DDoS attacks, making it mine cryptocurrency, or using it to send spam/scam emails.
  • Encrypt your device and ask for a ransom payment.

On the other hand, crimeware that is not malware can help criminals automate their activities or enable their illicit actions in different ways. For instance, a phishing kit is not directly used to compromise other people’s devices; instead, it is a set of tools attackers use to create convincing phishing emails or fake websites.

Ultimately, the functionality of crimeware depends on its type and purpose.

Different types of crimeware

As you have probably figured out by now, crimeware includes a range of malicious software and code used for cybercrime. Some of the main types of crimeware include:

Trojan horse
A trojan is malicious software that disguises itself as a legitimate program, such as a video game or browser toolbar. The unsuspecting user doesn’t notice anything wrong while, in the background, criminals are getting remote access to their device or stealing their financial information. Trojans are also used for fraudulent transactions and identity theft.

Remote Access Trojan (RAT)
A special type of trojan horse designed to provide a criminal with remote control over a victim’s computer. Criminals can perform various malicious activities, such as stealing confidential data or installing additional malware.

Adware
Adware is a type of software that displays unwanted ads on a victim’s device. Sometimes, adware is used to show fraudulent advertising, such as get-rich-quick crypto schemes, or to spread other malware once installed.

Rootkit
An advanced type of crimeware that hides itself by modifying the operating system. As a result, rootkits are challenging to remove; they provide attackers with remote access to the victim’s device, enabling them to do all kinds of damage.

Spyware
A type of crimeware that harvests all kinds of data from the victim’s device without their knowledge or consent. Spyware comes in multiple “flavors” and could be used to collect the user’s browsing history, record their keystrokes and screen activity, or take over webcam video and audio.

Keylogger
A special type of spyware that is used for recording the user’s keystrokes. As a result of using keyloggers, hackers get to learn their victim’s login credentials, credit card details, and other sensitive information. Keyloggers can be either software or hardware-based, with the former typically ending up on users’ devices as any other malware. On the other hand, hardware keyloggers are meant to be planted and connected to the target’s device.

Virus
Malicious code or software that replicates itself to spread from one device to another. Generally speaking, it requires the user’s interaction to execute the malicious code. Once installed, viruses can cause damage to files, applications, and operating systems.

Worm
Another self-replicating crimeware that can spread across a network without human interaction. Once installed, it can steal sensitive data and even install other malware in the process.

Types of crimeware attacks

Once a device has been infected with crimeware, criminals can use it for various attacks. Here are some of the most common examples of crimeware attacks:

Identity theft
In this case, crimeware is used to steal the victim’s personal information such as name, address, Social Security number, and any other information that criminals can use to impersonate the victim. If successful, hackers can use this personal information for other fraudulent activities like opening online bank accounts, taking out loans, or making purchases in the victim’s name.

Data theft
Hackers can make money even without stealing their victim’s identity. Instead, they could use stolen passwords, credit card numbers, or bank account details for other kinds of financial fraud. Or they could sell this data on the dark web for other criminals to use.

DDoS attacks
In a Distributed Denial of Service (DDoS) attack, hackers hijack a victim’s device and turn it into a bot to flood a specific website or service with a ton of traffic. The targeted web server then becomes inaccessible to regular users. DDoS attacks can be used for extortion, or resold as a service on the dark web.

Ransomware
Ransomware is a type of malware that encrypts the victim’s files or entire device and demands payment for the decryption key. This attack aims to extort money from the victim by holding their data hostage.

Cryptojacking
In cryptojacking, criminals use a device infected with crimeware to mine cryptocurrencies. As a result, the victim’s device may suddenly become slow and/or crash often. It can also increase electricity costs for the victim.

Pharming
In a pharming attack, fraudsters redirect the victim’s web traffic from a legitimate website to a fake website. As such, pharming attacks are used for stealing sensitive information, such as login credentials and credit card numbers.

Session hijacking
In a session hijacking attack, crimeware is used to intercept and take over a legitimate user’s session on a web application. Once the criminal has gained control of the user’s session, they can perform actions on the user’s behalf, like making unauthorized transactions or accessing sensitive data.

Preventing crimeware attacks

Preventing crimeware, or any other form of hack, starts with learning and reading about security. You should also be wary of clicking suspicious links that come with too-good-to-be-true promises. If something sounds too good to be true, chances are that it is.

Still, you can do some things, like:

  • Keep all your apps up to date. This will make sure your software and your operating system have all the latest security patches installed, thus eliminating potential security vulnerabilities before criminals exploit them.
  • Use strong and unique passwords. Better yet, use a password manager and pair it with multi-factor authentication — so that even if someone manages to get hold of your impossible-to-remember password, they won’t be able to do much with it.
  • Use reputable security software. And keep it up to date at all times across all your devices.
  • Be cautious with attachments and clicks on links. Generally speaking, you shouldn’t be opening attachments from people you don’t know. And this is especially the case for Word documents, Excel spreadsheets and, God forbid, executable files.
  • Make regular backups. Backups keep you prepared for the worst so that if something bad happens, you can quickly get back to “business as usual.”
  • Pay close attention to your devices. If you notice something’s off, like your phone or computer suddenly acting weird or being too slow, you may want to install some anti-malware on it and run a scan.
  • Use a VPN. While it won’t prevent all crimeware, it will keep your connection secure while connecting to notoriously insecure public Wi-Fi networks. It will encrypt all traffic flowing between your device(s) and the rest of the Internet.
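
The advice above about Word documents, Excel spreadsheets and executable files can be turned into a small attachment check. The following is an added example, not part of the original article: it flags risky file names and inspects the leading bytes of the file, and its extension lists and sample files are constructed for illustration.

```python
import io
import zipfile

# Illustrative lists, not exhaustive.
EXECUTABLE_EXTS = {"exe", "scr", "com", "bat", "cmd", "js", "vbs", "msi"}
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt"}
OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container


def triage_attachment(filename: str, data: bytes) -> list[str]:
    """Return reasons for caution; an empty list means none of the checks fired."""
    reasons = []
    parts = filename.lower().strip().rsplit(".", 2)
    ext = parts[-1] if len(parts) > 1 else ""

    if ext in EXECUTABLE_EXTS:
        reasons.append("executable extension")
        # "invoice.pdf.exe" displays as "invoice.pdf" when extensions are hidden.
        if len(parts) == 3 and parts[1] in DECOY_EXTS:
            reasons.append("double extension")

    # The name can lie; the leading bytes identify the real container.
    if data[:2] == b"MZ":
        reasons.append("Windows executable content")
    elif data[:8] == OLE2_MAGIC:
        reasons.append("legacy Office container (may carry macros)")
    elif data[:4] == b"PK\x03\x04":
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = zf.namelist()
        except zipfile.BadZipFile:
            names = []
            reasons.append("corrupt ZIP container")
        # Macro-enabled Word/Excel files store VBA in a vbaProject.bin part.
        if any(n.lower().endswith("vbaproject.bin") for n in names):
            reasons.append("Office document with VBA macros")
    return reasons


def make_sample_office_zip(with_macros: bool) -> bytes:
    """Build a constructed, harmless ZIP that only mimics an Office file layout."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_macros:
            zf.writestr("word/vbaProject.bin", b"placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    print(triage_attachment("invoice.pdf.exe", b"MZ" + bytes(62)))
    print(triage_attachment("report.docx", make_sample_office_zip(with_macros=True)))
    print(triage_attachment("notes.docx", make_sample_office_zip(with_macros=False)))
```

An empty result only means these particular checks found nothing; it is not a verdict that the file is safe.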

Finally, we should also add that you should constantly learn and keep up with security news. By staying informed, you will know what’s “out there” and hopefully be prepared (better protected) when the need arises. Stay safe!