Hacking forum or a sting operation?

Filed Under: SophosLabs

Though it is true that malware is getting more and more sophisticated I am sometimes surprised by the lack of skills coming from wannabe botnet operators. Today, I stumbled upon a hacker's forum which nicely demonstrates just how low is the technical knowledge level of the forum members.

A search for "Zeus" produces several hundred results, many of them surprisingly basic, looking for help with installing a Zeus server or an advice about the best bulletproof hosting.

Zeus and IRC? Oh, come on...

Luckily, there are many "helpful" users ready to help the script kiddies with their setups. If you are not yet ready to build your botnet from the ground up you can simply buy it from another user. For mere 15$ you can buy yourself a small Zeus botnet as offered by one of the users. It is interesting to see the uptake of Google Chrome browser within the hacking community.

15$ is cheap, certainly compared with the latest licensed version of Zeus builder with the price in the range of about 1000$. Considering its high price, Zeus customers must be making much more through stealing banking credentials, confidential data and spamming to achieve a reasonable ROI, though if most botnet owners are as unexperienced as these their profits must be expressed in negative numbers.

Looking at all the forum posts I am amazed by the number of people ready to start earning money in an illegal way and this is just one of many hacking forums. I really hope that there are many computer security companies (like Sophos) and law enforcement agents present to track and prevent illegal activities. In fact, who knows, perhaps the forum is actually setup by one of the law enforcement agencies? Wannabe hackers, beware!

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Vanja is a Principal Virus Researcher in SophosLabs. He has been working for Sophos since 1998. His major interests include automated analysis systems, honeypots and malware for mobile devices. Vanja is always ready for a good discussion on various security topics.