According to an annual report from Dell SecureWorks on underground hacker marketplaces, hiring a hacker to compromise an account with a popular email or social networking account will cost you just $129.
Hackers are increasingly operating as regular businesses with many advertising themselves as “honest, trustworthy and professional,” and providing a variety of illicit goods and services on the cheap, says the cybersecurity company’s third annual Underground Hacker Markets Report.
According to the Dell report, released on 5 April, the information was gathered by two intelligence analysts from the company’s CISO INTEL Team, who tracked hackers on a number of underground hacker forums and marketplaces scattered across the globe.
The report focuses on markets in the Russian underground as well as English-based markets, and covers the third quarter of 2015 to the first quarter of 2016 time frame.
To enlist the help of a team of “trustworthy, professional” hackers to gain access to your Facebook, Gmail, or Outlook account, all that someone has to pay is $129. It appears like quite the illicit bargain considering the kind of harm someone could inflict once they have gained access. These hackers stand by their work promising fast results, total confidentiality, and even offer after-sales support.
Stolen bank account credentials, passports, social media hacking and other services tend to get higher prices and prices are steadily rising.
“Like any other market in a capitalist system, the business of cybercrime is guided by the supply and demand for various goods and services,” the report’s authors wrote. “Unfortunately for the law abiding public, both sides of that equation remain strong, with everything from credit cards to hacker-for-hire services being sold online.”
Security analysts found that those interested in hiring a hacker to compromise a Gmail, Hotmail, or Yahoo account only have to pay $129 for the service. Popular U.S. social media and Ukrainian email accounts are priced the same, popular Russian email accounts range between $65 and $103, while Russian social media accounts are priced higher, at $194. If someone is looking to hack the IP address of a computer user, it will cost them another $90. On the other hand, hacking into someone’s corporate email account will cost $500 per business mailbox.
Over the past three years, prices for a Remote Access Trojan (RAT) — a malware program that allows cybercriminals to secretly control your computer remotely — have reduced from $50-$250 in 2013, to only $5-$10 in 2015. On the other hand, the Angler Exploit Kit is available for $100-$135, and that the price for “Crypters” went up significantly, reaching $80-$440, compared to 2014, when this type of malware went for only $50-$150.
Hacking tutorials are available for purchase online between $20-$40 for multiple tutorials, whereas doxing services cost only $19.99 (down from up to $100 a year ago). While hacking a website (stealing data) costs $350, distributed denial of service (DDoS) attacks can be hired for as low as $5 per hour, $200 per week, or $1,000 per month, with the price being higher if the website has anti-DDoS protection installed.
The upgraded ATM “skimmer” – hidden electronics that steal personal data stored on your debit or credit card’s magnetic stripe – is one of the most popular items on the underground market this year. These devices are priced at $1,775 with new 3D printed versions coming out as well.
Airline and hotel points can also be purchased in these underground black markets. Based on the number of points in account, large U.S. airline points accounts priced as high as $450 for 1,500,000 points, and large Middle East airline points accounts priced at $150 for 500,000 points. A large international hotel chain points account with 1,000,000 points cost just $200, the report reveals.
Another interesting item available for purchase on the Russian underground is “full business dossiers” on companies situated within the country and include credentials linked with the company’s bank accounts including account numbers, logins, passwords and more.
“Our security experts had never seen a full business dossier being sold for any companies, much less for Russian organizations. What could one do with this type information besides potentially siphon off all the money in the company’s bank accounts? Well, the possibilities are extensive. If the company has good credit, there is certainly the potential for those possessing this data to apply for hefty bank loans, high-limit credit cards, car loans and other lines of credit,” Dell says.
Hackers are concentrating even more on salesmanship to please customers in order to compete and guarantee “customer satisfaction.” Dell says one ad offered “free-trial attacks” and “abilities” while other hackers are increasing their work hours to include weekends and even claim of 24/7 customer service.
“Prices and goods are not the only way sellers are distinguishing themselves. There also continues to be a focus on salesmanship,” Dell reports. “Compared to the report last year, our security experts noted this time around that many hackers were expanding their working hours to include weekends and even promising to be available 24 hours a day.”
Hackers are increasingly operating as regular businesses with many advertising themselves as “honest, trustworthy and professional,” and providing a variety of illicit goods and services on the cheap, says the cybersecurity company’s third annual Underground Hacker Markets Report.
According to the Dell report, released on 5 April, the information was gathered by two intelligence analysts from the company’s CISO INTEL Team, who tracked hackers on a number of underground hacker forums and marketplaces scattered across the globe.
The report focuses on markets in the Russian underground as well as English-based markets, and covers the third quarter of 2015 to the first quarter of 2016 time frame.
To enlist the help of a team of “trustworthy, professional” hackers to gain access to your Facebook, Gmail, or Outlook account, all that someone has to pay is $129. It appears like quite the illicit bargain considering the kind of harm someone could inflict once they have gained access. These hackers stand by their work promising fast results, total confidentiality, and even offer after-sales support.
Stolen bank account credentials, passports, social media hacking and other services tend to get higher prices and prices are steadily rising.
“Like any other market in a capitalist system, the business of cybercrime is guided by the supply and demand for various goods and services,” the report’s authors wrote. “Unfortunately for the law abiding public, both sides of that equation remain strong, with everything from credit cards to hacker-for-hire services being sold online.”
Security analysts found that those interested in hiring a hacker to compromise a Gmail, Hotmail, or Yahoo account only have to pay $129 for the service. Popular U.S. social media and Ukrainian email accounts are priced the same, popular Russian email accounts range between $65 and $103, while Russian social media accounts are priced higher, at $194. If someone is looking to hack the IP address of a computer user, it will cost them another $90. On the other hand, hacking into someone’s corporate email account will cost $500 per business mailbox.
Over the past three years, prices for a Remote Access Trojan (RAT) — a malware program that allows cybercriminals to secretly control your computer remotely — have reduced from $50-$250 in 2013, to only $5-$10 in 2015. On the other hand, the Angler Exploit Kit is available for $100-$135, and that the price for “Crypters” went up significantly, reaching $80-$440, compared to 2014, when this type of malware went for only $50-$150.
Hacking tutorials are available for purchase online between $20-$40 for multiple tutorials, whereas doxing services cost only $19.99 (down from up to $100 a year ago). While hacking a website (stealing data) costs $350, distributed denial of service (DDoS) attacks can be hired for as low as $5 per hour, $200 per week, or $1,000 per month, with the price being higher if the website has anti-DDoS protection installed.
The upgraded ATM “skimmer” – hidden electronics that steal personal data stored on your debit or credit card’s magnetic stripe – is one of the most popular items on the underground market this year. These devices are priced at $1,775 with new 3D printed versions coming out as well.
Airline and hotel points can also be purchased in these underground black markets. Based on the number of points in account, large U.S. airline points accounts priced as high as $450 for 1,500,000 points, and large Middle East airline points accounts priced at $150 for 500,000 points. A large international hotel chain points account with 1,000,000 points cost just $200, the report reveals.
Another interesting item available for purchase on the Russian underground is “full business dossiers” on companies situated within the country and include credentials linked with the company’s bank accounts including account numbers, logins, passwords and more.
“Our security experts had never seen a full business dossier being sold for any companies, much less for Russian organizations. What could one do with this type information besides potentially siphon off all the money in the company’s bank accounts? Well, the possibilities are extensive. If the company has good credit, there is certainly the potential for those possessing this data to apply for hefty bank loans, high-limit credit cards, car loans and other lines of credit,” Dell says.
Hackers are concentrating even more on salesmanship to please customers in order to compete and guarantee “customer satisfaction.” Dell says one ad offered “free-trial attacks” and “abilities” while other hackers are increasing their work hours to include weekends and even claim of 24/7 customer service.
“Prices and goods are not the only way sellers are distinguishing themselves. There also continues to be a focus on salesmanship,” Dell reports. “Compared to the report last year, our security experts noted this time around that many hackers were expanding their working hours to include weekends and even promising to be available 24 hours a day.”
0 comments:
Post a Comment