You have probably wondered at some time or another why there is so much malware. As we have lately explained on so many occasions, most times it all comes down to money. However, this raises other questions: How do hackers make money out of programming malware? Where do they sell their creations? For how much? Who buys the malware? What for?
Our investigation has taken a long time, not only due to the language barrier (the majority of this software and service sales in this sector -the evil sector- comes from Russia and other countries in the area, which made us turn to our technicians in Russia and Ukraine for help), but also due to the many buy-and-sell forums out there and the great variety of products / services available. Some of the services on offer include:
– DDoS attacks
– Spam Hosting.
– Hiding of executable files.
– FTP accounts.
– Mailing Lists.
– ICQ numbers.
– RapidShare accounts.
– Online business accounts (mainly Russian).
– Sale of Trojans.
– Hiring of hackers’ services.
From there on, there were services directly related to organized crime, which we will cover in future posts.
We are not going to tell you the sites where we found all of this info, but I can tell you that you don’t need to “google” a lot to find them.
In this post. I will concentrate on the prices of the most important services offered on underground websites, although we have found out that haggling is widely used.
The price usually depends on the attack time:
1 hour – US$10-20 (depends on the seller)
2 hours – US$20-40
1 day – US$100
+ 1 day – From US$200 (depends on the complexity of the job)
It is worth highlighting that they normally offer 10 minutes testing, this means that if you are interested, you tell them the server and they will perform a DoS attack for 10 minutes, so that you can evaluate the “service”.
The following screenshot shows how DDoS services are sold and how people request hacker services (Google translation):
Spam Hosting: US$200
Dedicated spam server US$500
+10,000,000 Mails per day US$600
SMS spam (per message) US$0.2
ICQ (1,000,000) US$150
Mailing lists for spam: (US$)
ACCOUNTS USA GERMANY RUSSIA UKRANIA
1,000,000 100 100 100 100
3,000,000 200 200 200 200
5,000,000 300 300 300 –
8,000,000 500 500 500 –
16,000,000 900 – – –
32,000,000 1500 – – –
Hiding of executable files. To avoid antivirus programs and firewalls (They guarantee that the files won’t be detected even by the antivirus updates of the date of purchase):
From US$1 to US$5 per executable file (cheap, isn’t it?)
FTP accounts: US$1 per account
50MB of Limbo Trojan logs US$30 (contains email accounts, bank account numbers, credit card numbers, etc. A percentage is guaranteed)
Icq numbers: fromUS$1 to US$10 (depending on the ICQ number)
RapidShare premium accounts: 1 month – US$5
2 months – US$8
3 months – US$12
6 months – US$18
1 year – US$28
Online Shops accounts (megashop.ru, bolero.ru, cup.ru…etc ALL RUSSIAN): US$50 each.
This screenshot shows how ICQ spam, proxies and hacking software are offered (Google translation):
In my next post, I will focus on the price of software (Trojans, joiners, viruses, etc.).