Screenshot of IRC discussion between people buying and selling tools for cybercrime.
"Did you know that you can buy a keystroke logger for $23 or pay $10 to have someone host your phishing scam? Having a botnet at your fingertips will cost you $225, and a tool that exploits a vulnerability on a banking site averages $740 and runs as high as $3,000.
That's according to the Symantec Report on the Internet Underground Economy due to be released Monday.
Symantec researchers spent a year observing the chat among cybercriminals on IRC channels and forums on the Internet between July 1, 2007 and June 30, 2008 and were able to piece together a veritable menu of malicious code, as well as dig up detailed information on the exchange of highly prized financial information.
For example, credit card information accounted for more than 30 percent of all of the types of goods and services sold and was the most requested category. Bank account credentials were the most commonly advertised thing for sale on underground economy servers monitored by Symantec, with prices ranging from $10 to $1,000 depending on the balance and location of the account.
This is a lucrative business, Symantec has discovered. If the sellers were able to sell everything they were offering, the amount would reach more than $275 million. That represents just the sales amount. Factoring in the emptying of victims' accounts and maxing out credit cards, the potential worth of credit card information and bank credentials for sale would be $7 billion, the report estimates.
The report also studied trends in software piracy, with researchers monitoring those sales between July and September of this year. The most pirated software was found to be desktop games, followed by utility applications and then multimedia software, such as photo editors, 3D animation, and HTML editors.
There is some interesting geographical data as well. Most of the people uploading pirated software to be sold were in the United States, the report found. The U.S. was home to most of the underground economy servers (41 percent) followed by Romania (13 percent) and North America had the largest number of underground economy servers.
Meanwhile, cybercriminals in Russia and Eastern Europe appear to be more organized than their counterparts in the North America who are "often made up of acquaintances who have met in online forums and/or IRC channels," the report says."
This table shows the sales price and estimated value of pirated software sold on underground economy servers monitored by Symantec.