I was reading an article on Krebs On Security about these two 18 year olds from Israel who recently got busted on September 15, 2016.
They ran the vDOS service (denial of service attacks) which took in around $618,000 the last two years from customers of their service. They had to hire members of hackforums.net to help launder the payments.
The Krebs On Security website was shut down September 16 by DOS attacks and had to move to the Google's Project Shield service. It just went back online yesterday.
http://krebsonsecurity.com/
Also, from June 2015:
http://www.techweekeurope.co.uk/security/cyberwar/trustwave-hacking-return-investment-criminals-170087
That is some serious cash. And we the consumers end up paying it through increased prices, etc.
They ran the vDOS service (denial of service attacks) which took in around $618,000 the last two years from customers of their service. They had to hire members of hackforums.net to help launder the payments.
The Krebs On Security website was shut down September 16 by DOS attacks and had to move to the Google's Project Shield service. It just went back online yesterday.
http://krebsonsecurity.com/
Two young Israeli men alleged to be the co-owners of a popular online attack-for-hire service were reportedly arrested in Israel on Thursday. The pair were arrested around the same time that KrebsOnSecurity published a story naming them as the masterminds behind a service that can be hired to knock Web sites and Internet users offline with powerful blasts of junk data.
According to a story at Israeli news site TheMarker.com, Itay Huri and Yarden Bidani, both 18 years old, were arrested Thursday in connection with an investigation by the U.S. Federal Bureau of Investigation (FBI).
The pair were reportedly questioned and released Friday on the equivalent of about USD $10,000 bond each. Israeli authorities also seized their passports, placed them under house arrest for 10 days, and forbade them from using the Internet or telecommunications equipment of any kind for 30 days...
Huri and Bidani are suspected of running an attack service called vDOS. As I described in this week’s story, vDOS is a “booter” service that has earned in excess of $600,000 over the past two years helping customers coordinate more than 150,000 so-called distributed denial-of-service (DDoS) attacks designed to knock Web sites offline...
Huri and Bidani were fairly open about their activities, or at least not terribly careful to cover their tracks. Yarden’s now abandoned Facebook page contains several messages from friends who refer to him by his hacker nickname “AppleJ4ck” and discuss DDoS activities. vDOS’s customer support system was configured to send a text message to Huri’s phone number in Israel — the same phone number that was listed in the Web site registration records for the domain v-email[dot]org, a domain the proprietors used to help manage the site.
At the end of August 2016, Huri and Bidani authored a technical paper (PDF) on DDoS attack methods which was published in the Israeli security e-zine Digital Whisper. In it, Huri signs his real name and says he is 18 years old and about to be drafted into the Israel Defense Forces. Bidani co-authored the paper under the alias “[email protected],” an email address that I pointed out in my previous reporting was assigned to one of the administrators of vDOS.
Also, from June 2015:
Forget investment banking – it seems that if you really want to make big money in technology, making malware could be the best method.
A report released today revealed that attackers receive an estimated 1,425 percent return on investment for exploit kit and ransomware schemes, which trick users into paying hackers who have installed malicious software on their computers.
This is equivalent to £54,000 ($84,100) net revenue for just a £3,200 ($5,900) investment, according to security firm Trustwave.
Cheap as chips.
Such an investment could consist of paying $3,000 for ransomware variant CTB-Locker and $500 to rent RIG, an exploit with a promised infection rate of 10 to 15 per cent, Trustwave’s 2015 Global Security Report found.
Purchasing access to compromised websites that will generate traffic of 20,000 users a day will set them back a further $1,800 a day, with a camouflage system to ensure the payload is not detectable by anti-virus solutions costs just $600.
Based on Trustwave estimates that 0.5 per cent of infected victims will pay a $300 ransom to free their units, this adds up to equivalent profits of over $90,000, without the criminals ever needing to write a single line of code.
http://www.techweekeurope.co.uk/security/cyberwar/trustwave-hacking-return-investment-criminals-170087
That is some serious cash. And we the consumers end up paying it through increased prices, etc.