Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

Youtube

Fancy being a millionaire hacker? It's easier than you might think

Learn some code, pick up some Russian… and be ok with living a criminal life. Easy as 1,2,3…

ALL IT TAKES to make over $900,000 (€830,000) a year is to learn some code, pick up some Russian, decide to become a criminal, and have no fear. That’s it. Put it all together, take a deep breath, and then even you can become a novice cybercriminal.

That’s what Ziv Mador, VP of security from information-security company Trustwave, showed me. He gave me an exclusive look into his research about the criminal underbelly of the internet. And it turns out hackers stand to rake in quite a bit of money if they know how to operate and where to turn.

In fact, according to his conservative estimates, even the most rudimentary of hackers stand to make as much as $80,000 (€74,000) a month.

Doing so isn’t so hard. The world of hacking and selling exploits is replete with people looking to hawk their coded goods. But let’s not focus on what one must do to enter this world; it’s really the numbers that speak for themselves.

Mador explained that the ecosystem of hacking consists of renting access to already-made exploits. These offerings are available on Craigslist-like sites, but for hacker eyes only.

The security expert said that most people using these sites are Russian or Eastern European (or at least speak the language). He added that it takes a lot to get into these hidden networks; they “require some trust with other cybercriminals to get in.”

But once someone is in the club, a novice hacker could find numerous malicious services at his or her fingertips.

For example, a hacker hoping to inject malicious links into a website would have to both figure out a way to gain access to a popular website to put in the bad links, and then would have to lease access to an exploit to deliver to victims. Then he or she would also like to ensure that the malware isn’t detectable. All of these services are available, ready-made, online, and for a price.

Hacking works much like businesses do: In order to start out you have to have supplies and a place to operate. This costs money. Trustwave crunched the numbers for how much a hacker would likely spend on his or her hacking supplies. Putting it all together it came to about $5,900 (€5,400).

Here’s Trustwave’s rundown of the cost:

Trustwave

But don’t worry, there’s a payoff. Using very conservative estimates, Mador and his team tried to figure out how many successful victims a hacker could get a month. If they put the exploit on a pretty well trafficked page, it could see as many as 20,000 users a day. Only 10% of those victims will be successfully exploited, he believes.

And of those 10%, if the exploit is a ransomware — which takes victims’ files hostage until a bounty is paid — only 0.5% of those will actually pay up.

That comes to a “daily income of $3,000 (€2,800),” said Mador.

When you subtract the monthly cost, that comes to $84,000 (€77,000) a month:

trust2

Mador added, “these [estimates] are all very conservative.” But they are all based on the transactions that Trustwave saw firsthand.

The long and the short of it is that Mador and his team witnessed hackers and hacker gangs rake in money by pulling off not too difficult online schemes.

What really makes them effective is that hacking has become a well-oiled machine. It’s no longer every man for himself. Instead, it’s some coders offering their expertise (for a price of course). And when you put all the parts together you get a truly complex ecosystem that rivals century-old industries.

If you want to learn more about the ins and outs of the hacking business, you can see more of the presentation here.

- Cale Guthrie Weissman

Read: Dublin gym websites targeted by Islamist hacking group

Read: US seeks extradition of Wicklow man over black market ‘Silk Road’ website

Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

Published with permission from
View 16 comments
Close
16 Comments
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.
    JournalTv
    News in 60 seconds