暗网勒索软件即服务（RaaS）广告中的供应商沟通主题

IF 9 1区心理学 Q1 PSYCHOLOGY, EXPERIMENTAL

Computers in Human Behavior Pub Date : 2025-01-17 DOI:10.1016/j.chb.2025.108571

Taylor Fisher , Zacharias Pieri , C. Jordan Howell , Roberta O’Malley , Lauren Tremblay , Mohamed Dawoud

{"title":"暗网勒索软件即服务（RaaS）广告中的供应商沟通主题","authors":"Taylor Fisher , Zacharias Pieri , C. Jordan Howell , Roberta O’Malley , Lauren Tremblay , Mohamed Dawoud","doi":"10.1016/j.chb.2025.108571","DOIUrl":null,"url":null,"abstract":"<div><div>In online illicit marketplaces, the Ransomware-as-a-Service (RaaS) industry is experiencing rapid growth. While traditionally ransomware was deployed by adept cybercriminals to lock or encrypt network assets, subsequently demanding a ransom for the decryption key, at present, RaaS is being marketed on darknet platforms as a pre-built, user-friendly form of ransomware. This study employs a thematic analysis of RaaS advertisements on darknet market to discern patterns in vendor communication with potential customers. The most common theme identified was victimization, appearing in 70% of the dataset, underscoring the nature of RaaS products as instruments of criminal activity. Victimization was commonly combined with other themes to persuade users to make a purchase. These findings provide critical insights into the commodification of ransomware and reveal the strategic mechanisms employed by vendors to attract both novice and experienced cybercriminals. The growing trend of RaaS highlights the ongoing professionalization of cybercriminal activities and underscores the necessity of cross-disciplinary research in addressing network security concerns.</div></div>","PeriodicalId":48471,"journal":{"name":"Computers in Human Behavior","volume":"165 ","pages":"Article 108571"},"PeriodicalIF":9.0000,"publicationDate":"2025-01-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Vendor communication themes in darknet Ransomware-as-a-Service (RaaS) advertisements\",\"authors\":\"Taylor Fisher , Zacharias Pieri , C. Jordan Howell , Roberta O’Malley , Lauren Tremblay , Mohamed Dawoud\",\"doi\":\"10.1016/j.chb.2025.108571\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>In online illicit marketplaces, the Ransomware-as-a-Service (RaaS) industry is experiencing rapid growth. While traditionally ransomware was deployed by adept cybercriminals to lock or encrypt network assets, subsequently demanding a ransom for the decryption key, at present, RaaS is being marketed on darknet platforms as a pre-built, user-friendly form of ransomware. This study employs a thematic analysis of RaaS advertisements on darknet market to discern patterns in vendor communication with potential customers. The most common theme identified was victimization, appearing in 70% of the dataset, underscoring the nature of RaaS products as instruments of criminal activity. Victimization was commonly combined with other themes to persuade users to make a purchase. These findings provide critical insights into the commodification of ransomware and reveal the strategic mechanisms employed by vendors to attract both novice and experienced cybercriminals. The growing trend of RaaS highlights the ongoing professionalization of cybercriminal activities and underscores the necessity of cross-disciplinary research in addressing network security concerns.</div></div>\",\"PeriodicalId\":48471,\"journal\":{\"name\":\"Computers in Human Behavior\",\"volume\":\"165 \",\"pages\":\"Article 108571\"},\"PeriodicalIF\":9.0000,\"publicationDate\":\"2025-01-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers in Human Behavior\",\"FirstCategoryId\":\"102\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0747563225000184\",\"RegionNum\":1,\"RegionCategory\":\"心理学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"PSYCHOLOGY, EXPERIMENTAL\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers in Human Behavior","FirstCategoryId":"102","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0747563225000184","RegionNum":1,"RegionCategory":"心理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"PSYCHOLOGY, EXPERIMENTAL","Score":null,"Total":0}

引用次数: 0

摘要

在网上非法市场，勒索软件即服务（RaaS）行业正在快速增长。传统上，勒索软件是由老练的网络犯罪分子部署来锁定或加密网络资产，随后要求赎金才能获得解密密钥，而目前，RaaS作为一种预先构建的、用户友好的勒索软件形式在暗网平台上销售。本研究以暗网市场的RaaS广告为研究对象，探讨厂商与潜在顾客的沟通模式。最常见的主题是受害，出现在70%的数据集中，强调了RaaS产品作为犯罪活动工具的性质。受害通常与其他主题相结合，以说服用户购买。这些发现为勒索软件的商品化提供了重要的见解，并揭示了供应商为吸引新手和有经验的网络罪犯而采用的战略机制。RaaS的增长趋势凸显了网络犯罪活动的持续专业化，强调了解决网络安全问题的跨学科研究的必要性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Vendor communication themes in darknet Ransomware-as-a-Service (RaaS) advertisements

In online illicit marketplaces, the Ransomware-as-a-Service (RaaS) industry is experiencing rapid growth. While traditionally ransomware was deployed by adept cybercriminals to lock or encrypt network assets, subsequently demanding a ransom for the decryption key, at present, RaaS is being marketed on darknet platforms as a pre-built, user-friendly form of ransomware. This study employs a thematic analysis of RaaS advertisements on darknet market to discern patterns in vendor communication with potential customers. The most common theme identified was victimization, appearing in 70% of the dataset, underscoring the nature of RaaS products as instruments of criminal activity. Victimization was commonly combined with other themes to persuade users to make a purchase. These findings provide critical insights into the commodification of ransomware and reveal the strategic mechanisms employed by vendors to attract both novice and experienced cybercriminals. The growing trend of RaaS highlights the ongoing professionalization of cybercriminal activities and underscores the necessity of cross-disciplinary research in addressing network security concerns.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Computers in Human Behavior Multiple-

CiteScore

19.10

自引率

4.00%

发文量

381

审稿时长

40 days

期刊介绍： Computers in Human Behavior is a scholarly journal that explores the psychological aspects of computer use. It covers original theoretical works, research reports, literature reviews, and software and book reviews. The journal examines both the use of computers in psychology, psychiatry, and related fields, and the psychological impact of computer use on individuals, groups, and society. Articles discuss topics such as professional practice, training, research, human development, learning, cognition, personality, and social interactions. It focuses on human interactions with computers, considering the computer as a medium through which human behaviors are shaped and expressed. Professionals interested in the psychological aspects of computer use will find this journal valuable, even with limited knowledge of computers.