Posted by Brian Krebs 22.214.171.124 August 23, 2008 at 10:51:35:
The allure of cyber crime lies in its promise of quick riches, much like that of the illegal drug trade. But building a network of hacked personal computers that can distribute your data-stealing malicious software is a time-consuming process that requires a modicum of skill. That is, until recently, when several online services have emerged that promise to help would-be cyber crooks graduate from common street dealers to distributors overnight.
So, let's say I'm a wannabe cyber crime guy, and I download or purchase some malware from any number of forums that host these things or configure them to your liking. I then mosey on over to loads, and check out their distribution price lists. For $100, I can have my malware loaded onto 1,000 PCs around the globe for roughly $100, or 10 cents per compromised machine. I merely tell the site the location of the URL where my malware is hosted, pay for the service with Webmoney, and sit back and wait for my soon-to-be-infected machines to start sending me their passwords and other sensitive data.
If a know-nothing cyber crook can pay $120 and infect 10,000 already-hacked PCs in the United States, what does that say about the sheer number of systems under control of the bad guys? To me, it says that compromised machines or "bots" as they are more commonly known, have become a commodity, or - to cite Wikipedia's definition -
I hope this is obvious, but it's probably best to avoid visiting the sites named in this post, as they exist solely to orchestrate the infection of computer systems.