PURPOSE
The main goal of laboratory report is to identify the costs of nowadays most known attack DDOS, leak of credit card numbers, infected machine and never the less sending spam for 1 000 000 (one million) people. There are few points that should be presented:
- Where did we discovered the information (links or sources)
- What kind of source of communication we used, for instance: instant messing, ICQ, IRC, which contact we have gather the information
- What are the prices for the above attacks.
First of all, we must bear in mind that collecting the above information it is presented to a numerous affected sources ( i.e. Website, news, forums, IRC chat,etc.). By visiting the source can lead you to a virus, trojan, malicious code, malware, etc. Which can damage your system. Therefore, we are going to use virtual environment to find our demands. In addition, we will use different languages and different search engines.
Construction of report is separated by tasks section. Where each section is presented with the source, communication type and the costs of the service. In addition, in Appendix 1 we give the configuration of virtual environment.
Finally the conclusion made of all collected data will be concise in conclusion section.
TASKS
Following list is the numeration of the tasks:
- DDoS
- Credit Card Numbers
- Infected Machines
- Spam for 1 000 000 people
TASK 1
Source where we can find information about the cost of DDoS attacks are provided in Russian most known [Hackzone] forum. This is the source will give as more of the answers. But again be careful when you accessing this site. It is on your own risk.
From the following link we received an information about DDoS attacks: [HackzoneDDoS]. With the following translated statement:
The above information is from the following link: http://www.hackzone.ru/forum/open/id/15608/. Other sources that can be found are with
the following links: http://www.hackzone.ru/forum/open/id/16067/ and http://www.hackzone.ru/forum/open/id/17187/
As we stated above that the price is from \$50 per day and it goes until \$350 per month and so on.
TASK 2
The number of credit cards leaked in the web are numerous amount. The prices are not that high as people expected. For card that comes from European country is the highest price and for the other are much cheaper.
Here some information from the following link, leak from Support_BM Originar
source is in Russian language, so for this report is translated to English. From the source [CartNumber].
TASK 3
Nowadays it is not hard to find an infected machine/computer. Because most of the user PC’s are based with operating system Windows and are most of them infected. I have try so hard to find infected machine price, but until today, I did not come up with any good source. Therefore, I would like if it is possible to add this source and discuss this source and information with the fellow students.
TASK 4
Spamming for one million people it sounds impossible, but still out there someone is offering this service. Here is from Kazakhstan source with the following information, translated in English:
Indeed, for 10 000 KZT = 67.45 USD and the amount of message send are 20 000 spam. Then the price for one million spam is 3.372.5 USD without discount. The above links is from the following source [Rassilka.kz].
CONCLUSION
I would like to generalize that from the above information we see that for any service that we looked for, it has a price. Value that are different in other countries and currencies. Yet, before you start this research make sure that you are not using your local machine.
Likewise, I have used an virtual environment to be able to collect all the above data. Because the sites, forums, links, etc. are infected with malicious code, or can be easily traceable.
In summary, we utter gather as much as possible different sources and different prices. Most expensive is the spam for one million people, second is DDoS attacks and never the last is to gain an credit card numbers from different countries and different price.
For more info please refer to following source [QuinStreet Inc] why I have chose Russia as the main source.
APPENDIX
Appendix 1 is configuration of the virtual environment.
APPENDIX 1
Virtual environment: Oracle VirtualBox Version 4.1.2 r73507. Downloadable from the following link: https://www.virtualbox.org/wiki/Downloads
Security Fedora 14 32 bit – Client: http://spins.fedoraproject.org/security/
- Base Memory: 512 MB
- Acceleration: VT-x/AMD-V, Nested Paging
- Display – Video memory: 12 MB
- Storage: SATA Controller, Port 0: 8 GB
- Network:
- Adapter 1: Adapter 1: Parvirtualized Network (NAT)
- Adapter 2: Adapter 2: Inter PRO/1000 MT Desktop (Host-only adapter, „VirtualBox Host- Only Enternet Adapter“)
Bibliography
Hackzone: HackZone.ru, Forum, 2011, http://www.hackzone.ru/
HackzoneDDoS: Master_DDoS, Качественный DDoS Сервис, http://www.hackzone.ru/forum/open/id/17387/
CartNumber: Support_BM, Качественный US\EU\WORLD картон, 2011, http://www.hackzone.ru/forum/open/id/14936/
Rassilka.kz: kamondimon, E-mail рассылки!, 2011, http://rassilka.kz/rassilki-rassilka-kz/47-e-mailrassylki.html
QuinStreet Inc: Paul Rubens, Understanding the Russian Hacker Underground, Aug 13, 2010, http://www.enterprisenetworkingplanet.com/netsecur/article.php/3898601/Understanding-the-Russian-Hacker-Underground.htm