Price list: trojans, password stealers, spam servers

Just over a thousand dollars can buy a cyber-crook the tools needed to turn malicious action into financial profit, according to data from PandaLabs. This is thanks to a black market on the Web where malicious code and tools are available at knock-down prices.

All types of crimeware tools can be bought on hundreds of forums. Even though most Web pages are located in Eastern Europe, Internet mafia networks extend worldwide.

Buying malware

If a cyber-crook wanted to buy a Trojan, say, he would only have to shell out between $350 and $700. A password-stealer Trojan, for example, costs $600, and a Limbo Trojan, with fewer features, costs around $500, although they have been sold for as little as $350. They both steal passwords to access online banks. Cyber-crooks would have to pay $500 for a Trojan that captures payment platform accounts, such as Webmoney, although there are often “special offers”. In one case, the first 100 buyers only had to pay $400.

The next step is to get a list of email addresses to distribute the Trojan. For this, they only have to visit another web page, where they can get mailing lists of all sizes. Prices vary from $100 per million addresses to $1,500 for 32 million. If they also want to send links that download the Trojan to instant messaging users, they can buy a million ICQ addresses for $150.

The next step? Making sure antivirus programs will not detect the malicious code. For between one and five dollars per hidden executable, they can hire a service that protects the malware against security tools. If they want to do it themselves, they can get polymorphic encryption software called Polaris for just $20.

The last step is to send emails to distribute the Trojan. For approximately $500, cyber-crooks can rent a spam server. Then, they just have to wait for the victims to be infected.

The profitability of malware

A few simple calculations are all that’s needed to underline how lucrative this activity can be. If a Trojan costs $500 and a million-address mailing list costs around $100, that means $600 is enough to target a million people. Then add a $20 encryption program and a $500 spam server. With almost a 10 percent (really low) success rate, hackers could infect 100,000 people.

If they then managed to steal bank details from 10 percent of them, it would mean access to 10,000 bank accounts. Just imagine the money the average person has in a current account and multiply it by 10,000 to calculate the cyber-crooks’ profits.

However, emptying thousands of accounts would be very suspicious, and crooks seek to obtain money invisibly. They therefore only take a small sum of money from each account, a hundred dollars, for example. Multiplied by 10,000, it still totals a million dollars. In other words, cyber-crooks can become millionaires with a $1,200 investment in very little time. Bearing in mind that very low success ratios were used in the calculations, the amount could be higher in real life.

