Cloud

3/30/2016
10:10 AM
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%

Cybercrime: A Black Market Price List From The Dark Web

What does it cost for malware, stolen identities and other tools of the cybercriminal trade? Probably less than you think.
Previous
1 of 10
Next

Image Source: Adobe Stock

Image Source: Adobe Stock

There's no better lesson in the mechanics of a free market than watching a black market at work. And in this era of cybercrime, there may be no better observational laboratory of black market dynamics than on the Dark Web. For years now, security researchers have observed the evolution of the cybercrime economy, as malware authors, identity thieves and fraudsters have peddled their wares in a marketplace that has grown increasingly specialized in its division of labor. 

Today, the menu of options is staggering, with many widely available items and services becoming quickly commoditized. Social security numbers, stolen credit card numbers and full identity information run for as cheap as a few bucks each. Botnet booter rentals can be had for under $100 a day to conduct DDoS and stressor campaigns against targets. And many malware authors offer both software for sale and malware-as-a-service in the SaaS model for a range of prices.

Additional services and differentiated items like 0-day vulnerability information net attackers more lucrative price points, as attackers seek out the means for targeted campaigns. The illicit shops and salespeople on the Deep Web operate as true businesses, with many components of committing cybercrime bundled in special discount packages for customers seeking the best bang for their criminal buck.  It is truly a complex and sophisticated economy out there.

We've compiled some of the prices to give readers a feel for how cheaply crooks can get started in their criminal enterprises. All prices are given in USD, unless otherwise noted.

 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Previous
1 of 10
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Google Engineering Lead on Lessons Learned From Chrome's HTTPS Push
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
White Hat to Black Hat: What Motivates the Switch to Cybercrime
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
PGA of America Struck By Ransomware
Dark Reading Staff 8/9/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Now about that mortgage refinance offer from Wells Fargo .....
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-7097
PUBLISHED: 2018-08-14
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be exploited remotely to allow cross-site request forgery.
CVE-2018-7098
PUBLISHED: 2018-08-14
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be locally exploited to allow directory traversal.
CVE-2018-7099
PUBLISHED: 2018-08-14
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be locally exploited to allow disclosure of privileged information.
CVE-2018-7100
PUBLISHED: 2018-08-14
A potential security vulnerability has been identified in HPE OfficeConnect 1810 Switch Series (HP 1810-24G - P.2.22 and previous versions, HP 1810-48G PK.1.34 and previous versions, HP 1810-8 v2 P.2.22 and previous versions). The vulnerability could allow local disclosure of sensitive information.
CVE-2018-7077
PUBLISHED: 2018-08-14
A security vulnerability in HPE XP P9000 Command View Advanced Edition (CVAE) Device Manager (DevMgr 8.5.0-00 and prior to 8.6.0-00), Configuration Manager (CM 8.5.0-00 and prior to 8.6.0-00) could be exploited to allow local and remote unauthorized access to sensitive information.