Hackers Spend Very Less on Hacking Tools
As per a new online fraud report from RSA (the Security Division of EMC), hackers don't need to spend much to purchase tools they require to steal millions of dollars from hacked banking and payment card accounts.
In their "window shopping", the team managed to get prices on everything from distributed denial of service attacks ($50 per day of website flooding) to online bank accounts that sold for around ($50 to $1,000). A non technical user can easily get ready made Zeus kit that can hit thousands of users.
Security experts also reveal that hackers not just deal with stolen data, but they also provide several tools and services that enable other users to harvest this data or monetize it.
The report states that bulletproof hosting, a hired serviced used by hackers to host harmful content, is provided between $87 and $179 per month depending on the service level and around $400 per month for certain infrastructures.
The main idea is suggested by its name: "Bulletproof"- tough for law enforcement to take down than any other hosting method out there.
Zeus Trojan Kit, one of the most persistent banking trojans with an infection rate of several systems per day, highly sophisticated features, evolving code, latest variants and communication resources is sold between $3k and $4k. Unauthentic Zeus variant copies sold in the underground would go for $800.
The most-advanced current-day Trojans, SpyEye Trojan Kit, which boasts its own IE and Firefox HTML injections can be availed in the underground market for $1,000.
To keep the economy of hackers moving, vendors of hacked data mainly got their "merchandise" by initiating phishing and Trojan attacks or attacking merchants' databases. Afterwards, they put the harvested data for sale in several underground forums.
Several fraud services and products are sold in the underground for nearly $50, but can be associated with the loss of several dollars in the end. Unfortunately, there can be no price tag attached on the loss of privacy in the case of consumers.
Related article: Hackers Redirect Windows Live Search to Malicious Sites
» SPAMfighter News - 25-09-2010