Cyber-criminals in price war over infected computers
8 August 2014 | 0
Cyber-criminals are now able to buy access to compromised Irish computers for as little as $0.10 per computer. In an update issued to its customers, Irish IT security firm Smarttech.ie have reported that a price war has broken out amongst cyber-criminals. In the USA, this has resulted in the cost of a hacked computer falling by nearly 50% since the start of 2014.
“For the criminal gangs around the world who want to launch a cyber-attack, it is a buyers’ market,” warned Ronan Murphy, CEO of Irish IT security firm Smarttech.ie. “Initially they may not have had the skills to build and deploy the malware services themselves but with this new user friendly model they can buy it off the shelf. Also the appetite for this service is huge and competition has seen prices fall by 50% since the start of the year. In the USA, cyber criminals will now sell a list of 10,000 computers that have been deliberately infected with a customised virus, for only $1,000 in total or $0.10 per computer. We see evidence on a daily basis of Irish customers who have also fallen prey to these global botnets.”
In the new malware-as-a-service (MaaS) industry, cyber-criminals are able to access the same kind of professional services that are normally associated with the legitimate Software as a Service industry. The scale of the cybercrime operations and the number of new entrants in the MaaS market has resulted in malware as an industry going mainstream, with cyber-criminals offering extremely high levels of customer care.
“The MaaS market is a scary prospect because it allows non technical criminals to branch out into an area where they have no experience,” Murphy said. “Criminals are able to access all the professional customer care services like 24 hours Web chat, quality assurance and all the other necessary support services. For criminals, they are able to order customised viruses which are geo-specific making Irish owned computers a legitimate target for cyber criminals.”
While the commodity being sold by cyber-criminals are computers infected with malware, it is what the malware does which matters. A large percentage of the malware is designed to steal the financial information such as online banking or credit card credentials. If these are not forthcoming then the malware will usually encrypt the computer and demand a ransom to decrypt it.