Discerning Novel Value Chains in Financial Malware
On the Economic Incentives and Criminal Business Models in Financial Malware Schemes
Rolf van Wegberg (TU Delft - Organisation & Governance, TNO)
Bram Klievink (TU Delft - Organisation & Governance)
MJG van Eeten (TU Delft - Organisation & Governance)
More Info
expand_more
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
Fraud with online payment services is an ongoing problem, with significant financial-economic and societal impact. One of the main modus operandi is financial malware that compromises consumer and corporate devices, thereby potentially undermining the security of critical financial systems. Recent research into the underground economy has shown that cybercriminals are organised around highly specialised tasks, such as pay-per-install markets for infected machines, malware-as-a-service and money mule recruitment. Setting up a successful financial malware scheme requires the aligning of many moving parts. Analysing how cybercrime groups acquire, combine and align these parts into value chains can greatly benefit from existing insights into the economics of online crime. Using transaction cost economics, this paper illustrates the business model behind financial malware and presents three novel value chains therein. For this purpose, we use a conceptual synthesis of the state-of-the-art of the literature on financial malware, underground markets and (cyber)crime economics, as well as today’s banking practice.