Turning Digital Nomads into Cyber Criminals

I have often wondered; how does someone follow the path to into cybercrime? Is it naïve desire for employment or curiosity leading to and illicit side-gig?

When I was in my early teens, I and a couple kids in my school used auto-dialer scripts to find dial-up bulletin boards. It was amusing and generally harmless, and “everyone was doing it.” However, my curiosity in the practice ended when one kid had his computer taken away, supposedly by federal agents. Individually, the newness of the technology was enticing, sparking our imaginations. At this point my interests turned to writing code, guiding me later in life as a legitimate professional.

In the mid-2000s I learned about the illegal activities of a neighborhood acquaintance. He ran a Ponzi how-to-get-rich scam. He attempted to shield his acts by using a third party, an otherwise innocent and naïve neighbor, to collect mail and receive payments on his behalf. He tempted others into assistance, and mail fraud, through generosity and cash donations to “help the less fortunate.” His story ended in a prison term, loosing his family and friends, and scaring his unwitting accomplices straight.

Dark Shadows, Dark Pathways

Dark pathways into cybercrime: Minding the threat actor talent gap | Digital Shadows

Dark Shadows describe four methods leading or recruiting individuals into cybercrime. In short:

“Our research revealed four typical pathways for evolving as a cybercriminal: curiosity and being attracted by profit, development schemes organized by cybercriminal platforms, deliberate recruitment drives, and abusing real-life employment.” – Digital Shadows

I suspect these describe typical paths to criminality. This paragraph from earlier in the article, along with my experiences, caught my attention.

“Over the past few months, we have also observed an increased drive on some English-language cybercriminal forums to hire new staff. The forum administrators tend to look for new staff among trusted forum members and encourage them to apply if they fit the requirements laid out in the ‘job description’ provided in the job vacancy announcement.” – Digital Shadows

Granted, Digital Shadows researchers are looking at ads on select cybercrime related forums, not the typical job hunter’s board. However, digging into revelations about how the Conti ransomware group spends money for services indicates recruitment may reach into more legitimate environments.

Hello! My Name is Noob.

I see posts like these two examples every day in various forums. They say so much in so few words it is painful to see.

I read these and immediately think the following about the writers:

  • They are Naïve
  • They have access to the internet yet have never used a search engine
  • They have no actual job experience at anything
  • They are mutton for unscrupulous hunters
  • They prove the birth rate of suckers remains constant
  • They confuse passion with ability
  • They are phishing (a special case*)

These are people who have fallen for the fallacy of following your passion. It is easy to do. I have done the same. I recommend everyone listen to Mike Rowe’s advice, “Don’t follow your passion.”

Don’t Follow Your Passion | PragerU – Mike Rowe

Passion is Fuel, not Skill

When I was young, I had a talent for computers. I understood software. I was comfortable in that space. I visualize code and see its elements connecting like parts of an engine. I also had a passion to build things, like my father. I followed my desires to be more like my father and build and construct small marvels. While I made a living at various jobs, I had merely a basic competency and no enjoyment.

My passions led me down dead-ends several times. In every job I had, I drifted into side work supporting the business’s computing needs. Until one day I realized, for me, I was pouring effort into work better pursued as a hobby, and what I had always thought as a hobby was really a career. I refocused on my software development skills and quickly found opportunities in places others saw complexity. I found passion in filling specific needs of business.

I discovered without realizing it at the time, what Mike Rowe said years later, “Never follow your passion, but always bring it with you.”

Today, I enjoy my work and it is fulfilling. It allows me work remotely, virtually anywhere, which I have used to my advantage and at times by necessity. I succeed because my passion is fuel to deliver consistent and reliable results with discipline.

My earlier jobs were not a waste. I apply and leverage those skills. I have also pursued other hobbies through the years, pouring a little passion as fuel into the efforts as needed.

Noob, meet Threat

The example posts from those seeking a Digital Nomad lifestyle may as well be signs announcing, “victim here!”

Look at one of the big “unicorn” ransomware groups, Conti, which has taken an estimated $150 million dollars. While Conti may be ‘rebranding’ under a new name, its infrastructure and assets still exits.

Russian Hacker Group Has Earned $150 Million From 1,000 Ransomware Attacks Worldwide (ibtimes.com)

Conti ransomware shuts down operation, rebrands into smaller units (bleepingcomputer.com)

Analysis by BreachQuest of the leaked Conti information shows the group hires out for services. One can assume groups like Conti purchase services through either legitimate businesses or Conti shell companies.

The Conti Leaks – Insight into a Ransomware Unicorn | BreachQuest

“Studying the leaks, we see that Conti has spent an estimated 6 million dollars on employee salary, tooling, and professional services from January 2021 to February 2022.” – BreachQuest

With money like that, who needs criminals?

“Conti recruits their workers in a few different ways, the first is recommendations from current trusted workers. The other is using recruiting services to find candidates with the skillsets Conti needs to fill. One of the services that Conti uses is hhcdn.ru. This service allows Conti’s HR department to access the resume database to view potential qualified candidates’ information.” – BreachQuest

Combine a well-financed pseudo-legitimate recruiting system of an international criminal organization and the enthusiastic desire of naïve job seekers looking for easy remote work and travel and you have a pathway into a life of crime, unintended or otherwise.

This is, of course, speculative. It is also easy to see, perhaps obvious. I have seen friends and acquaintances taken by the lure of easy money by what appears harmless. For example, being complicit in mail fraud simply for collecting mail and depositing checks for a little extra cash for someone who appeared legitimate.

What’s a Noob to Do?

My hope for these wannabe Digital Nomads is to pick up skills and do research before jumping the fence into the wild. Build your skill stack, and don’t fear stumbling, see: How to Fail at Almost Everything and Still Win Big.

Having a skill applicable in locations internationally and be willing to do the work is a good start. Looking for an “easy way out” is not a desirable attribute on a resume. Better yet, build a business or get a job that allows remoted work in the places you want to travel. Put the right tools in your toolbox and you build growth.

In all cases, to be successful, it requires following opportunity, stepping into a workspace, improving skills, and finding passion in accomplishments.

*The Special Case Phisher

On one of the posted examples was a comment saying, “Why does your profile say you work at Facebook?” I could not verify the assertion, but it brings up an interesting special case, and a reversal to my “I am a Noob” commentary. Granted, the possibility posts like these are phishing the social media pool to hook bad actors looking to prey on Noob game. In other words, a post this naïve could be a honeypot trap to catch the threat actors. One can hope.

Either way, my overall response to the whoever made the post is to not engage or reply. No good will come from this exchange.