According to data presented by the Atlas VPN research team, most damaging attacks, like ransomware kits and sophisticated targeted attacks, cost anywhere between $66 and $500 on the dark web.
Cybercrime has been dominating the headlines of many technology-related websites for at least the last two years. There is a valid reason for the attention - criminals are increasingly more successful in their cyber-attack attempts, sometimes profiting thousands of dollars from a single intrusion.
Yet, do we know anything about the costs behind these attacks? Here, we will analyze how many resources hackers need to launch an attack on enterprises and users.
Analysts from Microsoft provided the costs of these tools in their Digital Defense Report, released in October 2021.
Spearphishing attacks cost anywhere between $100 and $1,000. Spearphishing differs from regular phishing attacks because they are targeted towards a specific victim, be it an organization or an individual. Such attacks have a much higher success rate than regular phishing attacks that are sent out in bulk.
Denial of service (DoS) attacks are among the most common types of attacks in the cybercrime world. Hackers charge around $311 to send a barrage of DoS attacks for a month. These attacks are meant to overflood a specific network with traffic to the extent that it becomes unavailable for its users.
You can also hire a hacker for any specific job that is out of the ordinary scope of offers. One job usually costs around $250. This can include hacking into someone’s social media accounts, credit card scams, identity theft, and so on.
One of the most widely used cyberattacks - ransomware, cost as little as $66 per kit. Worth noting that usually, the kit has to be modified to the specific job. Ransomware differs depending on the security measures it has to slip through, among other factors.
Compromised credentials are available for as little as $0.97 per 1000. Due to countless breaches over the past few years, there is no shortage of stolen passwords and username pairs. The hacker does not guarantee that the credentials will be of any use, as the victim most likely changed the password or does not re-use the same credentials over multiple accounts.
After purchasing a package of credentials, the criminals use software that automatically tries the username and password combinations on various websites and services.
Finally, access to devices that have been hacked or infected with malware is also for sale on the darknet. There is no guarantee that the user of the device did not patch it after getting hacked or that there is anything useful on the compromised device.
Of course, these illicit things are only sold on the darknet. The dark web is a network-encrypted area that requires special software to access. Furthermore, most marketplaces require an invitation to enter. Cybercriminals use this method to shield themselves from unwanted attention.
Services sold between hackers
Innovative hacking technologies have been mostly developed by large hacker groups. Smaller groups or individual hackers do not have enough resources to develop such software.
As a result, there is a demand for specific services, which are being sold on the dark web. Many organized crime groups (OCGs) interact with one another on the dark web in private forums. To get in, you'll need a good reputation and a referral from someone who knows the ropes. OCGs can collaborate, exchange their latest technology, and sell their services in these forums.
Flashpoint intelligence dove into the dark web and analyzed various marketplaces to get intel into what services hackers sell to each other. They could not get the exact pricing, but they did find out the most popular offers.
Counter Anti-Virus (CAV) service is among the most popular offers on the darknet. You purchase scripts and tools that hide your malware from most antivirus programs. Hackers identify which antiviruses the program will operate against when they sell it.
Escrow services are also widely available. These services operate as a middleman between two parties in a transaction. The money is only given to the seller if the buyer is happy with the services supplied.
Laundering or money mule services. Money mule services transfer money between various international accounts until it is successfully laundered and loses its source. These mules are also capable of transporting physical cash.
Cryptor services - these services, similar to CAV, disguise your virus from firewalls and other security tools. The virus is encrypted and behaves in the same way as a regular file.
Written by Edward G, Cybersecurity Researcher at Atlas VPN.
