7 things you didn't know about Russia's cybercrime market

Trend Micro's new white paper on the Russian cybercrime hacker underground sheds a little light on the black market for your company's data.


Last Tuesday, security firm Trend Micro released a research paper summarizing -- with several tantalizing details, naturally -- the cybercriminal underground in Russia, and it's an eye-opening read, to say the least.

The paper is based on data gathered from online forums and services used by Russian cybercriminals, contextualized by articles written by hackers on their activities. In other words, the company toured the badlands so you don't have to, and is now reporting back with intelligence.

We're not talking about hobbyists, by the way. We're talking about people who make a living doing this.

If you regularly peruse popular cybercrime forums such as antichat.ru, xeka.ru, and cardingcc.com, none of this will be news to you. But if you run a company that handles sensitive data -- these days, that's basically all of them -- there are some things you might like to know.

Seven things you probably didn't know:

1.) Distributed denial-of-service (DDoS) attacks cost just $10 per hour. If you're unfamiliar, these are the kind of attacks that deny access to legitimate users of a service. There is no data for hackers to gain from them; they exist only to paralyze websites or computers. An hour of someone's hell costs about as much as a light lunch.

2.) For e-mail spammers, databases, forum accounts and social networking accounts are most in demand. Date or job seekers, that means you, too. It costs as little as $10 to spam a million e-mail addresses, though the rate rises depending on the value of the database. Obviously, the success of such activity rests on how good the spam actually is.

3.) Even hackers need to test their malware against antivirus software. After all, they want to know if their malicious code can evade detection, and that comes at a price. It's about $30 per month for this kind of service, though "hackers tend to be wary of them because some can be set up by security companies to obtain information about the malicious files that have been tested," in a sort of digital double-agent scenario.

4.) Trojans are still alive and well, and these days hackers are after ICQ passwords, contact lists, confidential documents, bank account numbers and forum and social networking account credentials. A simple Trojan can be $8; an application-specific one can cost more than the app itself. The higher the stakes, the higher the price: a bank key-intercepting Trojan can cost thousands of dollars.

5.) The most common hacking targets are email and social networking accounts. "Hacked site and forum accounts are less commonly seen," according to Trend Micro. But overall demand is widespread: "The demand for such a service is enormous so advertisements for this abound in underground markets."

6.) Despite the tremendous rise of mobile devices, SMS fraud services are fairly rare, "largely due to the development of the Internet and the emergence of simpler ways to make money," Trend Micro says. But they can be useful for activating other services via SMS. It's about $150 to spam 10,000 people, 

7.) There's even a market for scanned documents, such as a passport or driver's license, but not for the reason you think. It's not for the information they have -- rather, it's to confirm a user’s identity for a service that requires this burden of proof. Access to your PayPal account is worth much more than the color of your eyes. "Scanned document copies sell very well in the underground market," Trend Micro writes. "Some also offer services to rework scanned documents using a template."

There's plenty more in the report, which I urge you to read if you're interested in pricing information for all of these things and more. (Exploits, rootkits, ransomware, SQL injections, botnets, VPNs -- it's all covered.) 

A tip o' the hat to Wired UK, which wrote up a nice piece about this.