By Dancho Danchev
Remember the E-shop offering access to hacked PCs, based on malware ‘executions’ that we profiled last month?
We have recently spotted a newly launched, competing E-shop, once again selling access to hacked PCs worldwide, based on malware ‘executions’. However, this time, there’s no limit to the use of (competing) bot killers, meaning that the botnet master behind the service has a higher probability of achieving market efficiency compared to their “colleague.” Additionally, the botnet master won’t have to manually verify the presence of bot killers and will basically aim to sell access to as many hacked PCs as possible.
Sample screenshot of the actual advertisement:
The newly launched E-shop not only accepts Bitcoin but guarantees up to 20,000 hacked PCs on a daily basis; given that someone’s interested in purchasing access to this many hosts. 1,000 hosts go for $30, 10,000 hosts go for $250, and 20,000 hosts go for $400, all of them from mixed international locations, meaning they’re infecting virtually anyone that can be infected without bothering to segment the ‘targeted population’ in any of the campaigns that are responsible for generating their ‘inventory’.
Sample screenshot of a customer confirming the legitimacy of the service:
We expect to continue spotting newly launched E-shops selling access to hacked PCs as a service, accepting either Bitcoin, or alternative payment methods, due to the overall availability of easy to use DIY (do-it-yourself) malware generating tools, or services allowing novice cybercriminals to generate a completely undetected — using signatures-based scanning techniques — pieces of malicious software.