Hackers used to work very hard to lure consumers to give away personal details and make their digital devices their slaves. They would add more devices to the network of slave digital devices, which would do what hackers want them to do. These networks, called botnets, launch large-scale cyberattacks, including the dreaded Distributed Denial of Services (DDoS).
Now, it’s changed. It’s as easy as drinking water, with their peers selling botnets at throw-away prices ranging from $99 on the Dark Web, according to cybersecurity experts at Kaspersky.
The spread is so vast. The Dark Web offers a wide variety of choices. Besides buying them, hackers choose a subscription model or a temporary rental service. They can also get a custom-made botnet to suit their specific requirements.
Prices for this bespoke service start at $3,000, with the final cost depending on the complexity of the desired botnet. These deals are typically conducted privately, with reputation playing a key role in partner selection.
Besides one-time purchases, botnets can be hired or acquired as leaked source code for a symbolic price. In some cases, custom botnet development is also available. Access to this leaked source code can be obtained for free or for a fee of $10 to $50.
More sophisticated options, boasting advanced features and evasion techniques, are priced up to $10,000.
With entry barriers to access botnets coming so low, hackers will be able to focus on attacks rather than spend their energy building a botnet.
“Mirai is one of the most infamous examples of a botnet. It scans the internet for IoT devices with weak default passwords, uses a set of known default credentials to gain access, and infects them,” Alisa Kulishenko, a security analyst at Kaspersky Digital Footprint Intelligence, has said.
“The infected devices then become part of the botnet, which can be controlled remotely to perform various types of cyberattacks,” she said.
For cybercriminals on a budget, leaked botnet source code offers a cheaper alternative, often available for free or a nominal fee. However, these pre-built botnets are easier for security solutions to detect, making them a riskier choice.
Subscription model
Botnets are also available for hire for those who prefer to own them on a subscription model. Depending on the botnet’s capabilities, monthly rental rates range from $30 to $4,800.
“The potential profits from botnet-powered attacks like ransomware and illegal cryptocurrency mining can easily justify these costs,” Alisa said.
Threat
Kaspersky says the availability and affordability of botnets on the dark web highlight the escalating threat they pose to individuals and organisations. It asks organisations to use threat intelligence services to identify potential attack vectors and deploy robust endpoint security solutions.
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.