How much does it cost to buy 10,000 U.S.-based malware-infected hosts?

by

Share this news now.

Earlier this month, we profiled and exposed a newly launched underground service offering access to tens of thousands of malware-infected hosts, with an emphasis on the fact that U.S.-based hosts were relatively more expensive to acquire, largely due to the fact that U.S.-based users are known to have a higher online purchasing power. How much does it cost to buy 10,000 U.S.-based malware-infected hosts? Let’s find out.

In this post, I’ll profile yet another service offering access to malware-infected hosts internationally, that’s been operating since the middle of 2012, and despite the fact that it’s official Web site is currently offline, remains in operation until present day.

More details:

Sample screenshot of the underground E-shop selling access to malware-infected hosts:

Malware_Infected_Hosts_as_a_Service_International_Europe_USA

The service is yet another example of a trend that’s been evident since the early days of the first Malware-as-a-Service underground market offerings, namely, the segmentation and use of perceived pricing schemes when it comes to U.S.-based malware-infected hosts. Naturally, purchasing access to U.S.-based malware-infected hosts is more expensive than, for instance, purchasing access to hosts based in Germany, Canada or the U.K., largely thanks to the fact that a U.S.-based user has a higher online purchasing power compared to the rest of the world.

If a potential cybercriminal wants to spread his fully undetectable piece of malware online, all he has to do is purchase access to the malware-infected hosts offered by such services, allowing virtually anyone access to “managed malware propagation” capabilities. The service that I’m profiling in this post is also attempting to “vertically integrate” within the cybercrime ecosystem by offering related “value added” services such as access to Socks5 servers, which are in reality malware-hosts converted to be used as anonymization proxies.

The prices are as follows:

  • 1,000 hosts World Mix go for $25, 5,000 hosts World Mix go for $110, and 10,000 hosts World Mix go for $200
  • 1,000 hosts EU Mix go for $50, 5,000 hosts EU Mix go for $225, and 10,000 hosts EU Mix go for $400
  • 1,000 hosts DE, CA and GB, go for $80, 5,000 hosts go for $350, and 10,000 hosts go for $600
  • Naturally, access to a U.S.-based host is more expensive compared to the rest of the world. A 1,000 U.S. hosts go for $120, 5,000 U.S. hosts go for $550 and 10,000 U.S hosts go for $1,000

Thanks to the rise of DIY (do it  yourself) underground market propositions, as well as managed services allowing novice cybercriminals to outsource the entire host acquisition, retention through QA (Quality Assurance), and dissemination of malicious campaigns to third-parties offering these capabilities as a service, we expect to see more of these services offering access to malware-infected hosts.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.


Share this news now.

Trackbacks

  1. [...] Dancho Danchev, a careful observer of cyber criminal activities in the underground. The researcher described a new service offering access to thousands of malware-infected hosts, this time Danchev tried to [...]

  2. [...] this post the security expert Dancho Danchev is profiling a service offering access to malware-infected hosts [...]

  3. [...] The figures were put together Dancho Danchev of security biz Webroot from sales prices advertised on a newly established underground cybercrime forum. US machines are more expensive because their owners have greater online purchasing power than their counterparts elsewhere, Danchev explained in a blog post. [...]

  4. [...] The figures were put together Dancho Danchev of security biz Webroot from sales prices advertised on a newly established underground cybercrime forum. US machines are more expensive because their owners have greater online purchasing power than their counterparts elsewhere, Danchev explained in a blog post. [...]

  5. [...] Οι υπολογιστές στις ΗΠΑ είναι πιο ακριβοί, επειδή οι ​​ιδιοκτήτες τους έχουν μεγαλύτερη αγοραστική δύναμη στο διαδίκτυο από ό, τι άλλοι σε άλλα μέρη ή επειδή βρίσκονται σε υποδομές με πολύ περισσότερο διαθέσιμο εύρος ζώνης πρόσβασης (bandwidth), εξήγησε ο ερευνητής σε ένα blog post. [...]

  6. [...] tzv. zombií, které je možné na dálku ovládat a jež tvoří tzv. botnet. Mimochodem, kdokoliv si může takový botnet pronajmout a začít útočit. Podle informací, které máme k dispozici, byla většina útoků vedena [...]

  7. [...] the researcher described a new service offering access to thousands of malware-infected hosts, Danchev also estimated the [...]