CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Cybercrime Adoption of SaaS Models for On-Demand Criminal Services

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

Cybercriminals are increasingly adopting a subscription-based, 'as-a-service' (CaaS) model, similar to legitimate cloud services. This shift allows inexperienced attackers to rent tools, access, and infrastructure needed for various cyberattacks. The model includes services like phishing-as-a-service (PhaaS), Telegram bots for social engineering, infostealer logs as cloud data feeds, initial access brokers (IABs), and advanced malware tools at low subscription fees. The commoditization of cybercrime services lowers the barrier to entry, enabling even low-skill attackers to carry out sophisticated attacks. This trend highlights the need for cybersecurity experts to adopt scalable and adaptive defense strategies.

Timeline

  1. 02.12.2025 17:10 1 articles · 23h ago

    Cybercrime Adopts SaaS Models for On-Demand Criminal Services

    Cybercriminals are increasingly adopting a subscription-based, 'as-a-service' (CaaS) model, similar to legitimate cloud services. This shift includes services like phishing-as-a-service (PhaaS), Telegram bots for social engineering, infostealer logs as cloud data feeds, initial access brokers (IABs), and advanced malware tools at low subscription fees. The commoditization of cybercrime services lowers the barrier to entry, enabling even low-skill attackers to carry out sophisticated attacks.

    Show sources
    Open in new tab

Information Snippets

  • Phishing-as-a-service (PhaaS) platforms offer turnkey solutions for creating and sending phishing emails, including AI-powered tools like SpamGPT.

    First reported: 02.12.2025 17:10
    1 source, 1 article
    Show sources

  • Telegram bots are used for automated call scams, spoofing caller IDs, and tricking victims into divulging 2FA codes, available on a subscription basis.

    First reported: 02.12.2025 17:10
    1 source, 1 article
    Show sources

  • Infostealer logs are aggregated and sold through specialized platforms, allowing cybercriminals to search and filter stolen data like a cloud database.

    First reported: 02.12.2025 17:10
    1 source, 1 article
    Show sources

  • Initial access brokers (IABs) sell network access as a commodity, offering tiered pricing and subscription bundles for recurring customers.

    First reported: 02.12.2025 17:10
    1 source, 1 article
    Show sources

  • Advanced malware tools like the Atroposia RAT are available for rent at low monthly fees, making sophisticated attacks accessible to low-skill attackers.

    First reported: 02.12.2025 17:10
    1 source, 1 article
    Show sources