Trusteer, a maker of cybercrime protection products for endpoints, has teamed with Russia-based Group-IB, a security incident response and research firm, to help financial institutions combat cybercrime, mainly in Eastern Europe where Group-IB expertise falls.
Group-IB, which has published extensive research on Russian cybercrime markets, will work with Trusteer to conduct threat research focused on eastern European fraud rings. The intelligence gained from their research will be integrated into Trusteer’s fraud prevention solutions used by financial institutions, Trusteer said.
“Most fraud attempts against European and North American banks are carried out by eastern European cybercrime rings,” said Mickey Boodaei, CEO of Trusteer. “By integrating Group-IB’s unique and accurate intelligence into Trusteer Rapport and Trusteer Pinpoint, financial institutions will be able to block these attacks, fully understand the attack flow, the crime group behind it, and the success rate of each attack against other organizations around the world.”
“Working with Trusteer will enable our mutual customers to benefit from proprietary threat intelligence on cybercriminal rings, their tools, tactics and infrastructure – in order to better protect themselves and their customers,” added Ilya Sachkov, CEO of Group-IB.
Trusteer and Group-IB said they would focus their research on Malware & Botnets, Server & Client-Side Vulnerabilities, and Threat & Online-Banking Fraud Intelligence.
In addition to sharing information on banking botnet activity, infected machines, malware configurations and protection methods, the companies will combine their knowledge and discoveries of underground “for hire” cyber fraud services including “money-mule” rings, new malware kits, pre-built webinjects, and more, they said.
Group-IB, which also operates CERT-GIB, a private computer emergency response team in Russia, will pool its expertise in researching server-side vulnerabilities in leading online banking applications with Trusteer’s network that monitors and detects new financial malware attacks against vulnerable endpoint applications.
In a report released in April 2012, Group-IB estimated that the Russian cybercrime market in 2011 totaled $2.3 billion.
“The cybercrime market originating from Russia costs the global economy billions of dollars every year,” Sachkov said in a statement at the time.
Group-IB’s report noted that in 2011, the largest type of Russian cybercrime was online fraud at $942 million; followed by spam at $830 million; cybercrime to cybercrime, or C2C (including services for anonymization and sale of traffic, exploits, malware, and loaders) at $230 million; and DDoS at $130 million.