This article is more than 1 year old

Oh cool, tech service prices are plummeting. And by tech services, we mean botnet rentals and stolen credit cards

Supply and demand in action

Crime has never been cheaper to pull off, so long as you're not particular about quality.

At least that's according [PDF] to a Trend Micro whitepaper on the cost of criminal services, which says over the past five years the prices for botnet rentals and credit card numbers have taken a nosedive.

"In 2015, generic botnets started selling at around $200 in Russian underground forums. Generic botnet prices today cost around $5 a day, and prices for builders start at $100," Trend said.

"United States credit cards were sold at $20 in 2015, but prices start at $1 in 2020. High-balance credit cards are selling for over $500 in 2020. Meanwhile, monthly crypting services dropped to around $20." A crypting service is one that encrypts and obfuscates malware and other malicious code to evade detection.

Essentially, criminal services that once commanded fairly high prices are now commonplace, and as a result asking prices have plummeted. Having said that, prices for specialized services have stayed rather steady. Ransomware, for example, fetches the same price it did five years ago.

"Ransomware-as-service prices still start at $5. Crypterlocker, which has been around since 2013, continues to demand a high price (around $100)," Trend noted. "Scanned document services, such as copies of driver's licenses, passports, and bill statements, still start at $5 – similar to the prices in 2015."

There is still a premium market to be had for boutique malware. The Trend team observed that particularly nasty strains of ransomware, such as Jigsaw, are able to command prices of up to $3,000, while the Ranion ransomware charges around $900 for an annual subscription. Similarly, Trend said the top pieces of banking malware, things like the Osiris trojan, still sell for around $3,000, and specialized services such as spamming are still able to command the same prices they fetched five years ago.

Rather, it's the low-hanging fruit that has become cheaper. With so many poorly maintained services out there, things like compromised streaming accounts are now easy to come by.

"The market is actually oversaturated," the Trend team said. "Stolen accounts make up 32 per cent of all underground offerings. Most accounts start from $1, with only a few high tier accounts demanding premium prices. Disney only launched their new streaming platform, Disney Plus, in November 2019, but available account credentials have already flooded the market."


If someone could stop hackers pwning medical systems right now, that would be cool, say Red Cross and friends


The same can be said for bank accounts. The researchers said that due to oversaturation, there is a glut of compromised banking credentials, and as a result the asking price for a stolen credit card has plummeted, from $20 each in 2015 to just a dollar these days. Still, as with everything else, there is a premium on the high end. Trend noted that high-balance cards, accounts that allow purchases of $5,000 or more, will still sell for around $500 on the open market.

Interestingly enough, registered passports are a hot commodity, fetching around $2,500 each. Additionally, crackdowns on prescription drugs is creating a new opportunity in the criminal markets.

"The US opioid crisis has also had an effect on underground goods and services. Opioid prescription has gone down, thus making the drugs more difficult to obtain," said Trend. "This resulted in an increased demand for forged prescriptions pads. Medical professionals have also started to move to e-prescriptions, which may impact the market further. Forged prescription labels continue to be found in dark web marketplaces for around $60."

There is also an emerging market for, disturbingly enough, deepfake videos. The researchers found scumbags making faked videos for $50 apiece, though if you're on a budget, faked images will only cost around $2.50

One of the main drivers, said the researchers, is sextortion scams.

"People would be more likely to pay the extortion amount if cybercriminals started attaching or sending links of realistic Deepfake images of their victim. A real image or video would be unnecessary," noted Trend. "Virtually blackmailing individuals is more efficient because cybercriminals wouldn't need to socially engineer someone into a compromising position. Deepfake videos can also be used to undermine the reputation of a political candidate or senior executive." ®

More about


Send us news

Other stories you might like