The service, exposed by Webroot, is offering access to malware-infected hosts based in Russia, the US, the UK, France, Canada and the cosmopolitan-sounding “international mix.” The pricing seems entirely reasonable as well: $200 for 1,000 hosts in Russia and France, $240 for 1,000 in the UK, and just $35 per 1,000 for the global bouillabaisse special. In North America, the US commands just $180 for 1,000 hosts, while Canada is the most expensive option, at $270.
“Today’s modern cybercrime ecosystem offers everything a novice cybercriminal would need to quickly catch up with fellow/sophisticated cybercriminals,” explained Webroot security researcher Dancho Danchev, in a blog. “Segmented and geolocated lists of harvested emails, managed services performing the actual spamming service, as well as DIY undetectable malware-generating tools, all result in a steady influx of new (underground) market entrants, whose activities directly contribute to the overall growth of the cybercrime ecosystem.”
Users are held to a daily supply limit of 20,000 hosts, which Webroot said indicates an ongoing legitimate/hijacked-traffic-to-malware-infected hosts conversion. The firm also said that the availability of Russia-based malware-infected hosts – which helps point the finger to the culprits – is the direct result of either a greed-oriented underground market proposition, the direct result of a surplus-based model or an attempt by the cybercriminal behind the offer to differentiate the service’s proposition. In the latter case, existing commoditized rental services largely offer access to, for instance, US based hosts.
“Among the most popular questions the general public often asks in terms of cybercrime, what else, besides money, acts as key driving force behind their malicious and fraudulent activities?” Danchev said. “That’s plain and simple greed, especially in those situations where Russian/Eastern European cybercriminals would purposely sell access to Russian/Eastern European malware-infected hosts, resulting in a decreased operational security for their campaigns as they’ve managed to attract the attention of local law enforcement.”