Preventing Crime-as-a-Service with Cutting-Edge Tools and Intelligence

Call ID

HORIZON-CL3-2023-FCT-01

Duration

01.09.2024 – 31.08.2027

Total Budget
0 M€
Partners
0
Countries
0
Use Cases
0

The Vision

Crime-as-a-Service (Caas)

CaaS represents a worrying evolution in the cyber threat landscape, transforming criminal activities into organised and commercialised enterprises. Similar to legitimate Software-as-a-Service (SaaS) platforms, CaaS offers on-demand illicit services such as malware rentals and fraud platforms. This shift lowers barriers to entry for cybercriminals, enabling individuals without technical skills to engage in activities like identity theft and payment card fraud through digital means. The consequence is a significant amplification of criminal operations’ scale and impact.

Our Aim

SafeHorizon aims to tackle the emerging threat of Crime-as-a-Service (CaaS) by harnessing intelligence from various sources including the clear web, deep web, dark web, public dumps, and law enforcement datasets. By integrating these data streams with machine learning technologies, the project seeks to extract actionable evidence for legal use.

Use Cases

Monitoring transnational crime networks

Monitoring activities of actors in crime networks including ongoing malicious campaigns that may span across different jurisdictions and developing a set of dedicated crawlers which will provide insight and visibility of real-time activity of malicious online activity.

Criminal marketplace analysis

In order to assess the efficacy of the crawlers and the correlation engine, this use case is dedicated to the analysis of criminal marketplaces, and includes testing of the usefulness of SafeHorizon tools to identify crime networks and investigate their members.

Child sexual abuse and trafficking

This use case presents a comprehensive overview of the distribution channels and of the release dates of child sexual abuse material (CSAM).

Malware-as-a-Service

Malware-as-a-Service (MaaS) is a business model under which cybercriminals provide access to malicious software and related infrastructure for a fee, and in this use case we monitor and analyse ongoing malicious campaigns that may target organisations or individuals.

Partners

Coordinated by the Athena Research Center, SafeHorizon is a multidisciplinary research and development initiative spearheaded by an international consortium comprising 13 partners from 11 countries. Carefully selected consortium is gathering outstanding R&D centers and universities, businesses and Law enforcement agencies (LEAs) to ensure the perspective of developers, cybersecurity practitioners, researchers, and machine learning experts focusing on technical areas between security and development. Committed to contributing to cybercrime prevention improvement, the Consortium will ensure provision of a comprehensive toolbox of underdevelopment and enhanced open-source solutions for combating cybercrime designed to be user-friendly and easily adaptable.

Latest News

  • 9 April 2026|Blog|1.9 min|

    Unlocking the Value of EU Security Research: The LEA Projects Cluster Approach

    The LEA Projects Cluster, led by Privanova, unites 51+ EU projects to connect results, foster collaboration, and deliver coordinated, policy-relevant security outcomes.

  • 24 February 2026|Blog|5.9 min|

    Spain’s Situation in the Cyberspace Domain

    In recent years, the volume of cyberattacks in Spain has shown an increasing trend. According to the National Cybersecurity Institute (INCIBE), 97,348 cybersecurity incidents were managed in 2024, representing an increase of 16.6 % over the previous year.

  • 16 February 2026|Blog|2.1 min|

    Quantum‑Aware Security: Preparing Europe’s Law Enforcement for the Next Technological Disruption

    Quantum technologies are set to transform Europe’s law enforcement landscape, offering powerful new tools while challenging the very encryption systems that safeguard today’s data and communications.

  • 10 February 2026|Blog|1 min|

    Public-Private Collaboration: A Blueprint for Disrupting Criminal Infrastructure on the Blockchain

    Public-private collaboration offers a model for combining technical expertise, intelligence, and investigative authority to effectively disrupt criminal infrastructure.

  • 6 February 2026|Blog|2.6 min|

    Data Harvesting for CaaS Detection: Turning Digital Clues into Actionable Intelligence

    Data harvesting for CaaS detection is about gathering signals from multiple layers of the digital environment - network traffic, dark web fora, malware telemetry, social platforms, and encrypted communication channels - and transforming them into operational intelligence.

  • 28 January 2026|Blog|4.2 min|

    Spain blackout: uncovering unknowns with Hypothesis Competition Analysis

    On April 28, 2025, a blackout hit the Iberian Peninsula, leaving Spain and Portugal powerless for hours. The GiCP used this event to conduct a practical exercise in structured intelligence analysis, aiming to uncover insights and better understand the incident.

  • 26 January 2026|Blog|2.2 min|

    RansomHouse: The Rising Sophistication of Ransomware Toolkits

    Recent analysis reveals significant advancements in the encryption capabilities of RansomHouse, a ransomware-as-a-service (RaaS) operation carried out by a group known as Jolly Scorpius.

  • 22 January 2026|Blog|1.3 min|

    Join the GroundUp Hackathons: create innovations for Real-World CBRNE Challenges

    Malware - short for malicious software - remains one of the most pervasive threats in cyberspace, encompassing various types of malicious code designed to disrupt, damage, or gain unauthorised access to computer systems.

  • 18 January 2026|Blog|2.7 min|

    Decentralized Crime, Centralized Response: Why LEAs Need Blockchain Intelligence Platforms

    Blockchain brings financial freedom and innovation, but also new criminal challenges. Law Enforcement Agencies are turning to blockchain intelligence platforms to track and combat crypto-enabled crime.

  • 14 January 2026|Blog|1.3 min|

    Profiling of CSAM offenders

    A new systematic review in Sexual Medicine Reviews (2026) analyzes 35 studies to profile those who create demand for Child Sexual Abuse Material (CSAM), helping us understand how to stop its spread.

Events

  • 18 February 2026|Events|2.5 min|

    Law Enforcement Innovation & Synergies Workshop, organised by the LEA Projects Cluster

    On 29 January 2026, the LEA Projects Cluster organised an LEAs-only online meeting, focused on law enforcement innovation and synergies.

  • 27 October 2025|Events|0.6 min|

    Joint Stakeholder Workshop – PRESERVE, SafeHorizon, ENSEMBLE, and LEA Projects Cluster

    We invite you to a joint stakeholder workshop organised by PRESERVE, SafeHorizon, and ENSEMBLE, together with the LEA Projects Cluster, led by Privanova.

  • 28 April 2025|Events|1 min|

    IMTrustSec: International Workshop on Incident Management, Trusted Computing, Open Hardware, and Advanced Security Attacks

    GICP - Cybersecurity and Privacy Protection Research Group is organising IMTrustSec 2025 – The International Workshop on Incident Management, Trusted Computing, Open Hardware, and Advanced Security Attacks, in collaboration with Diana Berbecaru.

  • 28 April 2025|Events|0.4 min|

    Workshop on Cryptographic Tools for Blockchain

    Join us in Madrid for the Workshop on Cryptographic Tools for Blockchain, affiliated with Eurocrypt 2025! Organised by top experts, including David Arroyo (CSIC/GICP, SafeHorizon Project partner), this one-day event will explore cutting-edge cryptographic innovations for DLT ecosystems.

  • Cepol 2025 Rome
    10 March 2025|Events|0.8 min|

    Research and Science Conference 2024/2025 (CEPOL)

    The Vicomtech team will participate in the European Union Agency for Law Enforcement Training (CEPOL) Research and Science Conference 2024/2025 in Rome (25–27 March 2025).

  • 11 December 2024|Events|0.7 min|

    SafeHorizon and Tampere University host Hands-On Workshop #1: The Dark Web

    The SafeHorizon Project EU and Tampere University are hosting an online hands-on workshop on Dec 17th 2024.