A new whitepaper on the cost of criminal services has revealed that, over the past five years due to supply and demand, the prices for botnet rentals and credit card numbers have taken a nosedive.
Ransomware-as-a-service prices still start at $5 with Crypterlocker, which has been around since 2013, continuing to demand a high price (around $100), but copies of driver’s licenses, passports and bill statements start at $5 – similar to prices in 2015, while United States credit cards, which were sold at $20 in 2015, now start at just $1.
I think it’s a false plummet that substantially stems from a rapid proliferation of amateur and unskilled cybercriminals. Many young people were earning their living by doing some ad hoc programming and other IT work. With the pandemic, demand for their services crashed, leaving them without a choice but to join the dark side. Unsurprisingly, their cheap services are often of substandard quality, while when dealing with goods such as credit cards you will likely pay for blocked or expired ones, or a duplicate that\’s already been sold to another client in the best case scenario.
There are also some temporary fluctuations on the market, for example, skimming attacks may get considerably less victims than usual and thus affect supply and demand. Most of the skilled cybercriminals feel very comfortable amid the pandemic, enjoying countless new and unprepared victims and innumerable number of exposed and unprotected devices and infrastructure.