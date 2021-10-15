A survey by the research firm Comparitech revealed how much the top cybercriminal attacks available on dedicated forums cost — and believe me, they’re cheaper than you think. In a world where such acts have become a service, with gangs offering their malware on demand and carrying out attacks based on customer contact, it only takes a few hundred dollars to launch scams that can lead to devastating results, whether from the point of view corporate or personal, in the case of targeted events. Extortion is highlighted as a cyber crime and Brazil is among the most affected 5% of attempts to open digital accounts in Brazil are frauds Phishing hits 230 millions of Brazilians in 517953 These are even the most expensive. According to the survey, attacks targeting specific people are the most expensive, with an average of US$ 526, approximately R$ 3 thousand, being charged by the bandits. Here, everything depends on the level of damage the client wants to cause, with some very disturbing options being offered on the forums, ranging from the theft of personal data that are passed on to the contractor to public defamation campaigns involving associations with pedophilia, violent crimes or trafficking drugs. Other options involve economic or corporate espionage, so that not only sensitive target information is passed on to third parties, but also focused on the possible dismissal or bankruptcy of commercial competitors. To have One idea, personal scams are more expensive than other alternatives considered more complex and sophisticated, such as the development of exclusive malware — costing, on average, US$ 230, or approximately R$1.7 thousand — or the invasion of websites (which costs about US$ 400, or roughly R$2.1 thousand). In the second case, also, different options are available, ranging from gaining access to servers and administration panels to stealing databases or credentials. Here, electronic game systems and infrastructure companies are the most targeted. Want to catch up on the best tech news of the day? Go and subscribe to our new channel on youtube, Canaltech News. Every day a summary of the main news in the tech world for you! Intrusions into social networks and personal devices are the services most offered by criminals, who also offer denial of service attacks, theft of credentials and even alteration of school grades (Image: Disclosure/Comparitech) At the top of the list of most expensive hires, however, an unexpected result: breaking into educational institutions’ systems to change grades costs, on average, US$ 526, or more than R$2.8 thousand. Here, it’s not necessarily about the difficulty involved in attacks of this type, but again, for the specificity, with this type of service not being so common in cybercriminal forums. In addition to graduations, some also claim to be able to obtain evidence hosted on digital systems or credentials from teachers and administrators, providing indiscriminate access to third parties. Invasion Market

Comparitech’s survey showed that, by far, the invasion social networks and personal devices such as computers or cell phones are the most popular services. They represent, respectively, 121% and 15% of the offers found during the survey, with the invasion of websites and the development of unique malware tied in third place, with 12% each. Contrary to what might be expected, obtaining e-mail credentials comes only later, with 8%, alongside espionage involving IP addresses and geolocation.

Criminals charge, in average, US$ 318, or about R$ 1.2 thousand, to hack profiles on social networks. The amount varies little by platform, with Facebook, Instagram and Twitter being the most popular. In all cases, the focus is on obtaining credentials so that the customer can gain access to third-party profiles, through the use of social engineering or malware against victims. WhatsApp is also frequently cited, focusing on spying on spouses, employees or co-workers.

Example of offering improper access to social networks, focusing on user credentials; e-mails also appear in the list, being the cheapest services on the market (Image: Reproduction/Comparitech)

Meanwhile, the cheapest average price appears in attacks from denial of service, but also on account of the characteristic of such scams. On average, the rental of device networks that bombard services with requests costs US$ 26 per hour, or approximately R$ 121. Packages with special discounts are offered for promotional values, with a month of bombing sites not protected against this type of practice, costing US$ 394, about R$2.1 thousand; pages with security systems or mitigation systems like Cloudflare, for example, cost twice as much.

Comparitech’s research shows a real market of criminals available to customers for virtually every type of service. Although rarer, occurrences involving the removal of posts from the internet, alteration of search results or obtaining medical records, or falsification of vaccination certificates against covid-26 also appeared. In addition, legitimate services can also be offered in obscure forums, such as the recovery of a lost cryptocurrency portfolio or security audits against the services offered in the spaces.

In all cases, Payment is made in advance, always in cryptocurrencies, with the customer being able to talk directly to those responsible for carrying out the tasks. The research was based on the evaluation of 12 dark web forums or communities, dedicated to the publication of cybercriminal services, in September 551. In all, 121 offers were evaluated, with values ​​being converted for the dollar according to the cryptocurrency quotation on the day of publication.

Source: Comparitech