Cloud

3/30/2016
10:10 AM
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%

Cybercrime: A Black Market Price List From The Dark Web

What does it cost for malware, stolen identities and other tools of the cybercriminal trade? Probably less than you think.
Previous
1 of 10
Next

Image Source: Adobe Stock

Image Source: Adobe Stock

There's no better lesson in the mechanics of a free market than watching a black market at work. And in this era of cybercrime, there may be no better observational laboratory of black market dynamics than on the Dark Web. For years now, security researchers have observed the evolution of the cybercrime economy, as malware authors, identity thieves and fraudsters have peddled their wares in a marketplace that has grown increasingly specialized in its division of labor. 

Today, the menu of options is staggering, with many widely available items and services becoming quickly commoditized. Social security numbers, stolen credit card numbers and full identity information run for as cheap as a few bucks each. Botnet booter rentals can be had for under $100 a day to conduct DDoS and stressor campaigns against targets. And many malware authors offer both software for sale and malware-as-a-service in the SaaS model for a range of prices.

Additional services and differentiated items like 0-day vulnerability information net attackers more lucrative price points, as attackers seek out the means for targeted campaigns. The illicit shops and salespeople on the Deep Web operate as true businesses, with many components of committing cybercrime bundled in special discount packages for customers seeking the best bang for their criminal buck.  It is truly a complex and sophisticated economy out there.

We've compiled some of the prices to give readers a feel for how cheaply crooks can get started in their criminal enterprises. All prices are given in USD, unless otherwise noted.

 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Previous
1 of 10
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why CISOs Need a Security Reality Check
Joel Fulton, Chief Information Security Officer for Splunk,  6/13/2018
Cisco Talos Summit: Network Defenders Not Serious Enough About Attacks
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/13/2018
Meet 'Bro': The Best-Kept Secret of Network Security
Greg Bell, CEO, Corelight,  6/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12294
PUBLISHED: 2018-06-19
WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.2, is vulnerable to a use after free for a WebCore::TextureMapperLayer object.
CVE-2018-12519
PUBLISHED: 2018-06-19
An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials.
CVE-2018-12588
PUBLISHED: 2018-06-19
Cross-site scripting (XSS) vulnerability in templates/frontend/pages/searchResults.tpl in Public Knowledge Project (PKP) Open Monograph Press (OMP) v1.2.0 through 3.1.1-1 before 3.1.1-2 allows remote attackers to inject arbitrary web script or HTML via the catalog.noTitlesSearch parameter (aka the S...
CVE-2018-10811
PUBLISHED: 2018-06-19
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.
CVE-2018-10945
PUBLISHED: 2018-06-19
The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash, or NULL pointer dereference) via an HTTP request, related to the mbuf_insert function.