The Trend Micro Underground Series

Trend Micro’s Cybercrime Underground series represents an ongoing commitment to shed light into the dark world of cybercrime from as far back as 2011. Over the years we have shared details learned from extensive research on regional corners of the criminal underground, including their infrastructure and changing business models, covering several evolutions of specific regional undergrounds and major updates within those communities. Collectively, these publications represent thousands of pages of insight for those looking to defend themselves and their organizations from cybercrime today and the future. We answer one important question — how do criminals think?

This strategic knowledge of cybercrime motives, ecosystems, business models, and techniques not only helps security teams anticipate and proactively counter threats before they strike; but also empowers business leaders to make informed, strategic decisions about risk, resilience, and investment in cybersecurity.

This page, which coincides with the release of the 50th publication in the series (an in-depth update on the Russian-speaking underground) in April 2024, brings all these publications together in one place. The series contains the unique, collective knowledge of Trend Micro’s top threat researchers, whose experience and expertise provide a useful resource for those studying how to combat cybercrime for years to come. It is through deep understanding of the past, that all our readers can help us move towards Trend’s vision of a world safe for the exchange of digital information.