Hackers Selling Malware on Dark Web Underground Market for Less than $10 USD

In the present day, cybercrime is being accelerated by the availability of plug-&-play malware kits that allow criminals to launch attacks more easily than ever before. 

The plug-and-play kits are mainly DIY hacking kits which open the cybercrime market for people interested in cybercrime.

Putting our online world at risk, cyber gangs of hackers are collaborating with amateur hackers to target businesses through cyber attacks. A three-month dark web investigation was conducted by the HP Wolf Security threat team in collaboration with Forensic Pathway.

Over 35 million cybercriminal marketplaces and forum posts were scraped and analyzed by the research team, and the three most important factors were identified:-

• How do criminals operate?
• How do criminals gain trust?
• How do criminals build reputations?

Key Advantages

In these types of scenarios, attackers get several key advantages, and among them the most key ones are as follows:-

• There is no shortage of malware available for a low price.
• Cyber-thieves have a strange sense of honor when it comes to honoring.
• Cybercriminals are taking advantage of popular software to gain an advantage over users.

There are over three quarters of malware and exploits listed on the website that have an advertised selling price of less than $10. Typically, compromised credentials for Remote Desktop Protocol are only going to cost you around $5 on average.

Banking Trojan Kits

In focus, there are two major kits available to infect the banking sector, and here they are mentioned below:-

• ZeuS (Cost: $8,000)
• SpyEye (Cost: $1,000)

Moreover, there are also reports that threat actors are shifting from fraud to denial-of-service attacks and destructive attacks. In the last few years, cybercriminals have been introducing digital “as a service” models that facilitate attacks more easily.

Further, ransomware is now emerging as one of the most preferred methods of monetization for businesses and governments. As a result of these factors, we can see that now the training and technology are available for the cost of a gallon of gasoline, which is truly worrisome for cyber security.

It is imperative for businesses and organizations to prepare for the following security risks as they have been warned by security experts:-

• Destructive data denial attacks
• Targeted cyber campaigns
• Illicit use of artificial intelligence

Recommendations

There are a number of suggestions provided in the report that businesses can use to defend against threats facing them today and in the future:-

• Make sure you understand the basics of cybercrime so you can reduce your risk of becoming a victim.
• Don’t let anything distract you from your goal.
• In the world of cybercrime, every player has an important role to play. Security must also be taken into consideration when it comes to cybercrime.
• Always use the latest and most robust security tools.
• Make sure to implement robust security practices.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates.