Even criminals are subject to the laws of economics. Wired Magazine has an interesting article on the low prices of cybercrime tools in Russia. Some excerpts:
Wanna buy a botnet? It will cost you somewhere in the region of $700. If you just want to hire someone else’s botnet for an hour, though, it can cost as little as $2.
Maybe you’d like to spy on an ex — for $350 you can purchase a Trojan horse that lets you see all incoming and outgoing texts. Or maybe you’re just in the market for some good old-fashioned spamming — that will cost you $10 for someone to send a million e-mails on your behalf.
These are the going rates in Russia’s underground cybercrime market — a vibrant community of ne’er-do-wells offering every conceivable service at dirt-cheap prices — as profiled in security firm Trend Micro’s report, Russian Underground 101, which provides insight into the workings of the hidden economy.
Russia’s cybercrime market is “very mature,” says Rik Ferguson, Trend Micro’s director of security research and communications. “It’s been in place for quite some time. There are people offering niche services, and every niche is catered for.”
The report details a range of products offered in the underground, including ZeuS, a hugely popular Trojan horse that’s been around for at least six years. ZeuS creates botnets that remotely store personal information gleaned from users’ machines, and has been discovered operating on everything from home-based computers to the networks of large organizations such as Bank of America, NASA and Amazon. In 2011, the source code for ZeuS was released into the wild, which has made it “a criminal open source project,” Ferguson says. Variants of ZeuS now sell for $200-$500.
Cybercrime techniques go in and out of fashion like everything else — and in that sense, ZeuS is unusual for its longevity. Its success in large part is due to the fact that viruses and Trojans can be easily adapted to take advantage of whatever hot story is in the news — presidential elections, hurricane Sandy — in order to make fraudulent messages and spam emails seem more legitimate to users.
. . . So-called “ransomware” is an example of a more recent cybercrime trend, whereby the victim’s computer is locked down, and the hard drive is encrypted by a remote attacker. All the user sees on the screen is a message that tells them that local law enforcement has detected child pornography or pirated software on their PC. In order to unlock their machine, the message instructs victims to send money to a certain bank account. No payment, no unlocked hard drive.
Some victims who have paid the “fine” actually report getting their information back, says Ferguson. “But you’ve labeled yourself as an easy mark, and there’s no telling if they haven’t left behind a backdoor which will let them come back and try again,” he says.
The most recent trends in cybercrime are focused on mobile — particularly Android devices — Ferguson says.
“We’ve seen so far 175,000 malicious threats for Android, and we expect that to be a quarter of a million by next year,” he says. “Those threats come from malicious apps — if you want to stay safe, stick to official channels like Google Play, don’t just download from any site.”
Prices are going down across the Russian underground, Ferguson says.
“The bad guys are using technologies to drive down costs in the same way businesses are,” he says, noting the person who recently claimed online to have bought the personal information of 1.1 million Facebook users for just $5.