You’ll be able to find a hacker these days willing to break into an email or social media account for the small fee of $129 while corporate email accounts can start from $500 per account.
These details are revealed via a recent study of the underground hacking market conducted by Dell’s CISO INTEL Team of two intelligence analysts, who’s been doing this for the past three years. They tracked hackers on various forums and marketplaces across the globe, particularly the Russian underground and English-speaking marketplaces, to provide “a small window into the world cyber criminals occupy.”
With most cybercrime goods and services freely available, Dell found that the going price for someone to hack into your email account or buy your digital identity is getting cheaper. Stolen bank account credentials, passports, social media hacking and other services tend to fetch higher prices and prices are steadily rising.
Cyber-crime has become so sophisticated that the underground market for such services is little different from more legitimate markets. Hackers on underground forums promote their abilities and products to prospective buyers by listing their experience and skills, while showing off how “honest” they are.
“Like any other market in a capitalist system, the business of cyber crime is guided by the supply and demand for various goods and services,” the report’s authors wrote.
To compete and guarantee “customer satisfaction,” hackers are increasingly focusing on salesmanship to please customers. Some hackers even boast of things like 24/7 customer service, while many offer educational courses to teach people how to hack for themselves. Dell says one ad offered “free-trial attacks” and “abilities” while other hackers are expanding their work hours to include weekends.
Some interesting tidbits from the report include the price one can expect to pay in order to hack someone’s Gmail, Yahoo or Outlook.com email account. These personal emails from US-based email accounts are stolen for just $129 (£92). Hacking into someone’s corporate email account will cost $500 per mail box. Breaking into popular Russian email accounts, however, will cost between $65 and $105. If someone is looking to hack the IP address of a computer user, it will cost them another $90.
Hacking into social media accounts was also included in the list of illicit services where breaking into a US-based Facebook and Twitter account will cost $129. The price jumps again to break into popular social websites in Russia such as VR.ru and Ok.ru, costing $194. Doxing (locating and publishing private or identifying information about an individual, with malicious intent) is just for $20.
Prices for a Remote Access Trojan (RAT) — a malware program that allows cyber criminals to secretly control your computer remotely — are dirt cheap, going for as little as $5 to $10. An Angler Exploit Kit, on the other hand, costs between $100 and $135. DDoS attacks are usually charged by the hour, day or week and range from $5 to $555. Hacking tutorials are also available for purchase online for criminals on a budget and goes for as little as $20 to $40.
One of the most popular items on the underground market bounds ATM skimmers – hidden electronics that steal personal data stored on your debit or credit card’s magnetic stripe – are priced at $1,775 a piece (with new 3D printed versions coming out as well), fake European passports at $1,200, numerous bank account credentials, company dossiers, fake driving licenses and American Express cards all being frequently listed for sale.
Dell’s report comes amid rising concerns by governments and law-enforcement officials about the growing threat of cybercrime and cyber-terrorism. It also highlights the frightening potential for anyone with internet access and money to create fear and chaos by disrupting critical networks and infrastructure.
SecureWorks’ report shows that cybercrime economy is rapidly modernizing and expanding all of the time, and despite the best efforts of the security world, it looks as if it’s only set to grow even bigger.
The report is well worth a read. To read the complete report, register and download it from the official SecureWorks’ site of Dell.