News In the darknet, prices for access via RDP, DDoS attacks and payment card data are growing


Lucky

Essential
Joined
14.09.20
Messages
97
Reaction score
464
Points
33
The price for a fully managed DDoS attack is $165 on the darknet.

image
Cybersecurity researchers at Flashpoint have reported rising prices for access to RDP servers, stolen payment card data and a "DDoS-as-a-service" business model on underground forums and trading platforms.

"As a result of the pandemic and related global trends, the demand for malicious and illegal goods, services and stolen data has reached a new peak in the darknet markets. We have seen what can be called impressive, insightful innovations in the entire cybercrime ecosystem, " the experts said.

After an in-depth study of the underground market, experts found that prices for stolen payment card data rose sharply in 2020 — from $14.64 in 2019 to $20.16 in 2020. Meanwhile, the price of payment card "dumps" also rose from $24.19 in 2019 to an average of $26.50 in 2020.

Microsoft's proprietary remote desktop Protocol, used to provide system administrators with the ability to remotely connect to corporate devices, as well as to update servers, is still a favorite with cybercriminals. The popularity of RDP lists among cybercriminals continues to grow. On underground trading platforms in 2020, prices for RDP access vary: global administrative access costs $10, and hacked RDP costs $35.

Meanwhile, according to researchers, prices for DDoS services have been rising since 2017. While In 2017, standard DDoS mercenary offerings rarely exceeded $27, in 2020, a 10-minute DDoS attack (60 Gbps) costs $45, and a four-hour DDoS attack (15 Gbps) costs an average of $55. The price for a fully managed DDoS attack is $165. According to the researchers, the increase in prices is due to several factors.

"First, the shutdown of larger web sites should be done on a case-by-case basis due to improvements in DDoS protection offerings and the widespread use of content distribution networks, which is beyond the capabilities of all but the most advanced criminals. However, there are still cases where attackers can successfully attack large resources, such as disabling Wikipedia with a DDoS attack in September 2019."

According to them, DDoS services that charge an hourly fee are also becoming more popular.

The cost of sensitive data to execute fraudulent schemes and conduct automated cyber attacks is rising again. For example, the cost of recording so-called "dumps" of payment cards, that is, full information about the card, has increased by 225% since 2018. The high demand for stolen personal data also includes "Fullz" lists, which contain various combinations of identification and banking data, such as Bank logs, routing numbers, payment cards, government-issued identification cards, and personal information, including records of social security numbers or dates of birth.
 
Top Bottom