Cost of DDoS, leak of credit card numbers, infected machine and spam

PURPOSE

The main goal of laboratory report is to identify the costs of nowadays most known attack  DDOS, leak of credit card numbers, infected machine and never the less sending spam for 1 000 000 (one million) people. There are few points that should be presented:

  • Where did we discovered the information (links or sources)
  • What kind of source of communication we used, for instance: instant messing, ICQ, IRC, which contact we have gather the information
  • What are the prices for the above attacks.

First of all, we must bear in mind that collecting the above information it is presented to a numerous affected sources ( i.e. Website, news, forums, IRC chat,etc.). By visiting the source can lead you to a virus, trojan, malicious code, malware, etc. Which can damage your system. Therefore, we are going to use virtual environment to find our demands. In addition, we will use different languages and different search engines.

Construction of report is separated by tasks section. Where each section is presented with the source, communication type and the costs of the service. In addition, in Appendix 1 we give the configuration of virtual environment.

Finally the conclusion made of all collected data will be concise in conclusion section.

TASKS

Following list is the numeration of the tasks:

  1. DDoS
  2. Credit Card Numbers
  3. Infected Machines
  4. Spam for 1 000 000 people

TASK 1

Source where we can find information about the cost of DDoS attacks are provided in Russian most known [Hackzone] forum. This is the source will give as more of the answers. But again be careful when you accessing this site. It is on your own risk.

From the following link we received an information about DDoS attacks: [HackzoneDDoS]. With the following translated statement:

The average price of service from $ 50 per day. Depends on the complexity of the attacked site. Methods of payment accepted via WebMoney. The network is practically around the clock!Commands:http / https / icmp / post / syn / udp /Price:Day from $ 50Week from $ 350From $ 1200 per month(Prices may change depending of type and timing of orders on the complexity of the attacked site)Demo test for 5-10 minutes.Contact:Icq :20-**-29Inspections completed:hack-world.orgwww.xaker.nameforum.xaknet.ruMost of the DDoS attack service are around per day $ 50, here is an other source and contact details:Contact details Icq:22-**-327Icq:875-**3E-mail:anti**os@jab**r.ru

The above information is from the following link: http://www.hackzone.ru/forum/open/id/15608/. Other sources that can be found are with

the following links: http://www.hackzone.ru/forum/open/id/16067/ and http://www.hackzone.ru/forum/open/id/17187/

As we stated above that the price is from \$50 per day and it goes until \$350 per month and so on.

TASK 2

The number of credit cards leaked in the web are numerous amount. The prices are not that high as people expected. For card that comes from European country is the highest price and for the other are much cheaper.

Here some information from the following link, leak from Support_BM Originar

source is in Russian language, so for this report is translated to English. From the source [CartNumber].

At the moment there is only us, ca, cvv.Databases are updated every 2-3 days, Walid varies from 75 to 90%.Price:us visa, mc cvv = $ 1.5us amex, diss = $ 1.5us without vbv \ mksk = $ 2us not tied and PayPal = $ 2EU = $ 6-9World = $ 3-6CIS is not and never will.Sorted by: bean = $ 1Sample on any other criterion = +0.5 $Sampling only on the following criteria: bin, judge, state, city, type, zip.WARNING! I do not select “No vbv”, “No attachment to the paypal”, “Give me a map that would be held there now and then.”Terms and conditions of service provision:1. Replacement non valid within 48 hours of purchase.2. I only 04/05/51 Declined, Hold-Call, check only CCN + EXP + CVV3. On messages such as “Here?” “Hi, how are” probably will not answer.4. Money Beg do not.5. Do not change the board, check it before selling.6. I believe only their own way, proven in battle, checker, so your results, another checker, and so do not pay attention.7. Using my service, you automatically agree with everything stated in this post.8. Reserve the right to refuse service to anyone, without explanation.9. I am not responsible for the account balances card-holders.10. I do not give advice on the use of the material.11. Do not keep a bazaar talks about the reductions.12. I do not care where you do not go away if you gave Checker Walid Walid means.Card format:Credit Card Number | CVV2 | ??Exp.date | Name | Address Line | City | State | Zip Code |Country | Phone (Not Always) | Email Address (not always)Attention! Before you knock a replacement non valid, make sure that all the provided maps not valid if none of these cards will be found a valid card and a replacement will be denied.Learn to appreciate their own and other people’s time, get a checker, and live happily ever after.Contact the seller checker can provide for everyone.I accept payment only WMZ and LibertyReserveMy WMID has 70BL, as well as on-demand in icq give links to many reviews.Contact:ICQ: 604000**0JID: ***nager@thes**ure.bizPosted 13.10.2010 13:45:51 (8 days 18 hours 31 minutes 59 seconds)Other source that cross is from Russian banks Alfa debit or others the price from$175. Source is published by contact details: Jabber: v**yt@exp**it.im, ICQ: 25**165,Skype: V**yt_. On the following link: http://lab-one.net/showthread.php?t=664

TASK 3

Nowadays it is not hard to find an infected machine/computer. Because most of the user PC’s are based with operating system Windows and are most of them infected. I have try so hard to find infected machine price, but until today, I did not come up with any good source. Therefore, I would like if it is possible to add this source and discuss this source and information with the fellow students.

TASK 4

Spamming for one million people it sounds impossible, but still out there someone is offering this service. Here is from Kazakhstan source with the following information, translated in English:

E-mail newsletter:1 post = 1 m., minimum order 10 000 posts.For large orders – big discounts!At present there is action: 10 000 tenge, we send 20 000 messages. + Action: 50 000 tenge, we send your letter to 360 000 email ardesov in Almaty, send 3 times in one month!The action is over, send a time.E-mail database:In Almaty:60 000 LEGAL Address – Almaty Yuredicheskie email addresses, the entire directory guide “our town” and directory site “Samruk Kazyna”430 000 – private address Almaty residents collected via mail search agent criteria:country, city, gender, age.Throughout Kazakhstan:240 000 – LEGAL person Kazakhstan LLP, Ltd., Inc., Ltd., etc. collected from various references such as “yellow pages” “compass” etc.3.4 million – individuals, all of Kazakhstan. – Collected through the mail search agent criteria: country, city, gender, age.P.S. you can build a base of email addresses to any city in Kazakhstan, or any other city in any other country, can you give us the criteria and we will collect your base, an example of criteria:I try, the city, Age, sex, online, not online.P.S. Legal mailings are engaged for 3 years, dispatching more than 5 years.To Order: +7-701-1**5575, +7 (727) -329-61-**.E-mail: d**z@i**ox.ru

Indeed, for 10 000 KZT = 67.45 USD and the amount of message send are 20 000 spam. Then the price for one million spam is 3.372.5 USD without discount. The above links is from the following source [Rassilka.kz].

CONCLUSION

I would like to generalize that from the above information we see that for any service that we looked for, it has a price. Value that are different in other countries and currencies. Yet, before you start this research make sure that you are not using your local machine.

Likewise, I have used an virtual environment to be able to collect all the above data. Because the sites, forums, links, etc. are infected with malicious code, or can be easily traceable.

In summary, we utter gather as much as possible different sources and different prices. Most expensive is the spam for one million people, second is DDoS attacks and never the last is to gain an credit card numbers from different countries and different price.

For more info please refer to following source [QuinStreet Inc] why I have chose Russia as the main source.

APPENDIX

Appendix 1 is configuration of the virtual environment.

APPENDIX 1

Virtual environment: Oracle VirtualBox Version 4.1.2 r73507. Downloadable from the following link: https://www.virtualbox.org/wiki/Downloads

Security Fedora 14 32 bit – Client: http://spins.fedoraproject.org/security/

  • Base Memory: 512 MB
  • Acceleration: VT-x/AMD-V, Nested Paging
  • Display – Video memory: 12 MB
  • Storage: SATA Controller, Port 0: 8 GB
  • Network:
  • Adapter 1: Adapter 1: Parvirtualized Network (NAT)
  • Adapter 2: Adapter 2: Inter PRO/1000 MT Desktop (Host-only adapter, „VirtualBox Host- Only Enternet Adapter“)

Bibliography

Hackzone: HackZone.ru, Forum, 2011, http://www.hackzone.ru/

HackzoneDDoS: Master_DDoS, Качественный DDoS Сервис, http://www.hackzone.ru/forum/open/id/17387/

CartNumber: Support_BM, Качественный US\EU\WORLD картон, 2011, http://www.hackzone.ru/forum/open/id/14936/

Rassilka.kz: kamondimon, E-mail рассылки!, 2011, http://rassilka.kz/rassilki-rassilka-kz/47-e-mailrassylki.html

QuinStreet Inc: Paul Rubens, Understanding the Russian Hacker Underground, Aug 13, 2010, http://www.enterprisenetworkingplanet.com/netsecur/article.php/3898601/Understanding-the-Russian-Hacker-Underground.htm