In a research conducted by Kaspersky Lab, Dmitry Bestuzhev claimed, “When the value of stolen credit cards and other types of credentials are added up, hackers can easily take in $1,000 worth of data from just one hacked computer.”
Quite often I’m asked, “Why do hackers hack?”
I’ve always responded with various examples of how the hackers (cybercriminals) make money. Many often think that it’s just stolen credit cards, however, in the last year, I’ve seen the tide moving away from just credit cards to various other forms.
For instance, do a Google search on “pay per install” and you’ll find an entire underground where people are paid for installing “crapware”. This is software that doesn’t really add any functionality for the end-user. What it does do is provide the people paying the hackers a way to make money from displaying ads or in some cases, for remotely controlling the PC.
Hackers also use infected PCs to send SPAM. Don’t think SPAM sells any products? Do you think that as valued as a compromised PC is to hackers, they’d risk being eliminated if it didn’t produce some return?
Obviously statistics aren’t available for what kind of returns they get. Numerous requests for interviews were all declined by those in the hacker communities.
In addition to stolen credit cards, pay per install and SPAM, Bestuzhev has seen Gmail accounts for sale on Russian hacker forums, with asking prices of$82, RapidShare accounts going for $5 per month, as well as Skype, instant messaging and Facebook credentials also being offered. He recently witnessed one offer to buy a hacked Twitter account for about $1,000. The particular Twitter account had 320 followers.
Now there’s a new Internet Marketing strategy – build up a quick Twitter following then sell it to hackers.
For those who are always wondering why hackers hack, it’s because they make money – lots and lots of money.
As our focus is website security, imagine why they want to infect so many PCs with their drive-by downloads. With so many people having Twitter accounts, is it any wonder why they want your website?
Think about the numbers. If the hackers are willing to pay $1,000 for a Twitter account with only 320 followers, imagine how much they can make off of that. The hackers know numbers. They know that if something costs them $1,000, it must be able to generate at least 10 – 20 times that. It’s all about risk versus reward.
How would you know if your PC is hacked? Would you know if your Twitter or Facebook account were hacked? How many people could be infected from your: Twitter page, Facebook site or website?
I just thought that those of you who follow me on this blog, might want to know.
An educated website owner is the best kind.
Let me know your thoughts or comments on this.