On dark web marketplaces, an average exploit sells for less than $10. But zero-day flaws can cost thousands of dollars.
HP has released a report* on the evolution of cybercrime. It draws on the findings of a darknet investigation commissioned by Forensic Pathways*.
What are the main lessons of this report?
On darknet marketplaces, the focus is on exploiting known flaws in popular software. Examples include Windows, Microsoft Office, content management systems (CMS), web servers, and email servers…
91% of the 174 exploits** discovered at the beginning of the year and promoted through the dark web are sold for less than $10. Likewise, 76% of the 1,653 malware advertisements studied offer a suite of malware at the same price.
The average value of stolen credentials for accessing a Remote Desktop Protocol (RDP) instance is less than $5.00.
Much higher prices, averaging between $1,000 and $4,000, are asked for kits intended to let buyers exploit vulnerabilities in niche systems.
As for “zero-day” flaws (vulnerabilities that are not yet known to the general public), they can be sold for prices ranging from 10 to “several thousand dollars” on darknet marketplaces.
A deposit for some, protection for others
Sellers are often required to pay a deposit.
In addition, 77% of the cybercriminal marketplaces analyzed require vendors to hold some kind of license to sell. This can cost as much as $3,000. Malware sellers offer products in bundles, plug-and-play software suites, malware as a service, and tutorials to facilitate sales to less technical users.
Meanwhile, “only” 2 to 3% of threat actors are advanced programmers. Whether these people and networks are experts or not, it’s best to protect yourself. HP therefore recommends that companies master the basics of cybersecurity:
Multi-factor authentication, patch and access management, attack surface reduction, and hardware and software that provide security by design…
*Forensic Pathways collected lists of marketplaces on the Tor network from February to March 2022 using robots (crawlers). Source: HP Wolf Security, The Evolution of Cybercrime.
**Code or program that allows systems to be controlled by exploiting software vulnerabilities.