Digital Underground Offering Cheap Botnets For Hire

Outsmart Malicious Hackers


Perhaps even the cyber-criminals are effected by the recent recession – botnets for hire are hitting rock-bottom rates starting at just $2. We reported back in April 2010 about the Texas Man Who Pleaded Guilty To Bot Network For Hire.

They are becoming more multi-talented as well rather than just offering bot networks for DDoS attacks or Spam you can also hire them to get stolen credit card info, PayPal accounts, bank accounts for credit references, to set up a secure VPN and much more.

As always the bad guys are ahead of the game and adapting their ‘business model’ to suit consumer demands. It still not easy to get hold of these kind of services, but they are out there and as reported they are cheap.

Botnets for hire to launch your own spam campaign and stolen credit card information sold at the rock bottom price of $2 are just two of the commodities easily found on the cyber-crime black market today, according to a report released this month by Panda Security. The report, which was conducted by PandaLabs researchers who posed as cyber criminals, details a vast criminal network selling stolen bank account information in forums and dedicated online stores.

“This is a rapidly growing industry and cyber-criminals are aiding and abetting each other’s efforts to steal personal information for financial profit,” Panda Security officials note in a release on the findings. “The cyber-crime black market, which has traditionally centered on distributing bank and credit card details stolen from users around the world, diversified its business model in 2010, and now sells a much broader range of hacked confidential information including bank credentials, log-ins, passwords, fake credit cards and more.”

The report also delves into a detailed pricing system and the digital black market prices for various types of stolen information. However, PandaLabs discovered that while the information may be available, it can only be accessed by personally contacting the hackers who are promoting their information for sale on forums and in chat rooms.

It seems like $2 will get you a legitimate but unverified bank account or credit card number. It won’t however get you the verification number or the available account balance.

The bad guys are almost operating on a freemium model, offering basic card/bank details at close to nothing ($2) and then raising the price for additional information or in some cases larger credit lines/bank balances.

I’d imagine operating in such a way they are making quite a profit from their botnets, rather than just renting out the compromised machines they are also benefiting from the information stolen from the home desktops they have infected with their malware.


Once the information is in a criminal’s hands they can easily defraud any bank or credit card account long before the hack is discovered, the report claims. The data can be purchased for as little as $2 per card. But $2 will not provide the buyer with additional information or verification of the account balance available.

“If the buyer wants a guarantee for the available credit line or bank balance, the price increases to $80 for smaller bank balances and upwards of $700 to access accounts with a guaranteed balance of $82,000,” said researchers.

The report also details an intricate price structure for accounts with a history of online shopping or use of payment platforms such as PayPal. If stolen credit card numbers aren’t your thing, prices are also available for botnet rental to launch a spam campaign. The price range varies depending on the number of computers used and the frequency of the spam, or the rental period, the report reveals. Prices start at $15 and rise to $20 for the rental of a SMTP server or VPN to guarantee anonymity. One can also hire cyber criminals to assist with the set up of a fake online store to use rogueware techniques for stealing user details and profiting off unsuspecting victims who pay for fake antivirus products.

“There are also teams available to deliver turnkey projects, design, develop and publish the complete store, even positioning it in search engines,” the report states. “In this case, the price depends on the project.”

It seems like the criminals have quite an extensive ‘menu’ of offerings and can provide SMTP servers for spamming or VPN services to provide anonymity. You can also hire them to help you as a kind of cyber-criminal consultant to set up a fake online store or phishing site.

They offer the whole work-flow just like a professional software development company – design, deployment and even SEO services.

Pretty interesting stuff.

Source: Network World

Posted in: Malware, Phishing, Spammers & Scammers

, , , , , , ,


Latest Posts:


snallygaster - Scan For Secret Files On HTTP Servers snallygaster – Scan For Secret Files On HTTP Servers
snallygaster is a Python-based tool that can help you to scan for secret files on HTTP servers, files that are accessible that shouldn't be public and can pose a s
Portspoof - Spoof All Ports Open & Emulate Valid Services Portspoof – Spoof All Ports Open & Emulate Valid Services
The primary goal of the Portspoof program is to enhance your system security through a set of new camouflage techniques which spoof all ports open and also emulate valid services on every port.
Cambridge Analytica Facebook Data Scandal Cambridge Analytica Facebook Data Scandal
One of the biggest stories of the year so far has been the scandal surrounding Cambridge Analytica that came out after a Channel 4 expose that demonstrated the depths they are willing to go to profile voters, manipulate elections and much more.
GetAltName - Discover Sub-Domains From SSL Certificates GetAltName – Discover Sub-Domains From SSL Certificates
GetAltName it's a little script to discover sub-domains that can extract Subject Alt Names for SSL Certificates directly from HTTPS websites which can provide you with DNS names or virtual servers.
Memcrashed - Memcached DDoS Exploit Tool Memcrashed – Memcached DDoS Exploit Tool
Memcrashed is a Memcached DDoS exploit tool written in Python that allows you to send forged UDP packets to a list of Memcached servers obtained from Shodan.
QualysGuard - Vulnerability Management Tool QualysGuard – Vulnerability Management Tool
QualysGuard is a web-based vulnerability management tool provided by Qualys, Inc, which was the first company to deliver vulnerability management services as a SaaS-based web-service.


4 Responses to Digital Underground Offering Cheap Botnets For Hire

  1. ColdZero January 25, 2011 at 4:01 pm #

    How can i search for an underground site list… so i can block them on my webgate control?

  2. stuff January 26, 2011 at 6:16 am #

    It’s weird that the title has almost nothing to do with the content. Almost the entire post is talking about the $2/cc, which has been normal for a long time now.

  3. Brandon January 31, 2011 at 9:37 pm #

    Its super simple to do all of the things described in this post…

    its all just a bunch of people using purchased trojan horse software, and encrypting it to bypass AV, and then spreading it… all the tools are available on a single site, and that site also has a marketplace that sells all the stolen goods to each other… the reason its so cheap is because so many people are doing this now…

    I stopped messing with RAT’s/Trojans once I realized the only point to them is stealing from people or being a creep… or ddoss attacks which are just as pointless to me or anyone not being a destructive child.

  4. pwnsauce February 5, 2011 at 4:47 pm #

    Aye, reason it is so cheap is because it is so bloody easy. In fact the people who do the hard work are the trojan makers/coders, and the customers who have to somehow monetize on their investment.

    I am fascinated though, for some perverse reason, by the idea of making the ultimate botnet tool. Like, the single greatest trojan ever. Thank god I have morals and confine myself to the odd bit of malware analysis.

    BTW, there is a FUD (crypted) ‘Artemis.IM.Worm’ variant doing the rounds of facebook chat again, I have a video of the thing in action trying to infect an associate.