In a research conducted by Kaspersky Lab, Dmitry Bestuzhev claimed, “When the value of stolen credit cards and other types of credentials are added up, hackers can easily take in $1,000 worth of data from just one hacked computer.”

Quite often I’m asked, “Why do hackers hack?”

I’ve always responded with various examples of how the hackers (cybercriminals) make money. Many often think that it’s just stolen credit cards, however, in the last year, I’ve seen the tide moving away from just credit cards to various other forms.

For instance, do a Google search on “pay per install” and you’ll find an entire underground where people are paid for installing “crapware”. This is software that doesn’t really add any functionality for the end-user. What it does do is provide the people paying the hackers a way to make money from displaying ads or in some cases, for remotely controlling the PC.

Hackers also use infected PCs to send SPAM. Don’t think SPAM sells any products? Do you think that as valued as a compromised PC is to hackers, they’d risk being eliminated if it didn’t produce some return?

Obviously statistics aren’t available for what kind of returns they get. Numerous requests for interviews were all declined by those in the hacker communities.

In addition to stolen credit cards, pay per install and SPAM, Bestuzhev has seen Gmail accounts for sale on Russian hacker forums, with asking prices of$82, RapidShare accounts going for $5 per month, as well as Skype, instant messaging and Facebook credentials also being offered. He recently witnessed one offer to buy a hacked Twitter account for about $1,000. The particular Twitter account had 320 followers.

Now there’s a new Internet Marketing strategy – build up a quick Twitter following then sell it to hackers.

For those who are always wondering why hackers hack, it’s because they make money – lots and lots of money.

As our focus is website security, imagine why they want to infect so many PCs with their drive-by downloads. With so many people having Twitter accounts, is it any wonder why they want your website?

Think about the numbers. If the hackers are willing to pay $1,000 for a Twitter account with only 320 followers, imagine how much they can make off of that. The hackers know numbers. They know that if something costs them $1,000, it must be able to generate at least 10 – 20 times that. It’s all about risk versus reward.

How would you know if your PC is hacked? Would you know if your Twitter or Facebook account were hacked? How many people could be infected from your: Twitter page, Facebook site or website?

I just thought that those of you who follow me on this blog, might want to know.

An educated website owner is the best kind.

Let me know your thoughts or comments on this.

What if you were offered a $200 iTunes card for less than $5?

How about for $2.60?

Would you buy it?

Apparently cybercriminals based in China have cracked the algorithm used by Apple to generate legitimate iTune cards. This along with their stolen credit card data has become yet another revenue stream for the cyber-criminals.

What’s really amazing is that you can’t even buy a $200 gift card from Apple. Their denominations are: $15, $25 and $50.

This story originally broke here: http://outdustry.com/2009/03/10/the-chinese-itunes-gift-voucher-trick/ and a little investigation on our part revealed some interesting sites.

We’ve seen some “middle men” insert themselves in this tangled web of deceit. They actually buy the numbers from the original cybercriminals and then resell them to people they know, thus creating a wholesale/distributor type of business. Talk about an affiliate program that pays big dollars!

Some people are offering cards on various auction type websites. (I’m not mentioning any names but one of them rhymes with prepay)

Please know that buying and using these cards is illegal. We’re posting this so you know NOT to buy them and think they’re legit – they’re not.

What will they think of next?

I don’t know, but I’m sure we’ll see it soon.