Cybercriminals selling malware kits to amateur hackers for price of gallon of fuel - report
The HP Wolf Security threat team worked with Forensic Pathways on a three-month dark web investigation
Cybercrime is being supercharged through ‘plug and play’ malware kits that are being sold for less than $10.
That is according to new research from HP, which shows that cyber syndicates are collaborating with amateur attackers to target businesses, with stolen credentials selling on the dark web for the price of a gallon of petrol.
The HP Wolf Security threat team worked with Forensic Pathways, a leading group of global forensic professionals, on a three-month dark web investigation, scraping and analysing over 35 million cybercriminal marketplaces and forum posts.
Its ‘Evolution of Cybercrime’ report shows over three quarters (76 per cent) of malware advertisements listed and 91 per cent of exploits retail for under $10, whilst the average cost of compromised Remote Desktop Protocol credentials is just $5.
"Vendors are selling products in bundles, with plug-and-play malware kits, malware-as-a-service, tutorials, and mentoring services reducing the need for technical skills and experience to conduct complex, targeted attacks," HP said.
The report also found 77 per cent of cybercriminal marketplaces analysed require a vendor bond - a license to sell - which can cost up to $3,000.
A total of 85 per cent of these use escrow payments, and 92 per cent have a third-party dispute resolution service.
Alex Holland, senior malware analyst at HP, said: "Unfortunately, it's never been easier to be a cybercriminal. Complex attacks previously required serious skills, knowledge and resource.
"Now the technology and training is available for the price of a gallon of gas. And whether it's having your company and customer data exposed, deliveries delayed or even a hospital appointment cancelled, the explosion in cybercrime affects us all.
"At the heart of this is ransomware, which has created a new cybercriminal ecosystem rewarding smaller players with a slice of the profits."
He added: "This is creating a cybercrime factory line, churning out attacks that can be very hard to defend against and putting the businesses we all rely on in the crosshairs."
Researchers also found that cyberhackers target popular software, such as the Windows operating system and Microsoft Office, in order to "get a foothold and take control of systems."
The report recommends several ways for businesses to protect themselves, including following best practices such as multi-factor authentication and patch management.
"We all need to do more to fight the growing cybercrime machine," Dr. Ian Pratt, global head of security for personal systems at HP, said.
"For individuals, this means becoming cyber aware. Most attacks start with a click of a mouse, so thinking before you click is always important. But giving yourself a safety net by buying technology that can mitigate and recover from the impact of bad clicks is even better.
"For businesses, it's important to build resiliency and shut off as many common attack routes as possible. For example, cybercriminals study patches on release to reverse engineer the vulnerability being patched and can rapidly create exploits to use before organisations have patched.
"So, speeding up patch management is important. Many of the most common categories of threat such as those delivered via email and the web can be fully neutralised through techniques such as threat containment and isolation, greatly reducing an organisation's attack surface regardless of whether the vulnerabilities are patched or not."