Though it is true that malware is getting more and more sophisticated I am sometimes surprised by the lack of skills coming from wannabe botnet operators. Today, I stumbled upon a hacker's forum which nicely demonstrates just how low is the technical knowledge level of the forum members.
A search for "Zeus" produces several hundred results, many of them surprisingly basic, looking for help with installing a Zeus server or an advice about the best bulletproof hosting.
Zeus and IRC? Oh, come on...
Luckily, there are many "helpful" users ready to help the script kiddies with their setups. If you are not yet ready to build your botnet from the ground up you can simply buy it from another user. For mere 15$ you can buy yourself a small Zeus botnet as offered by one of the users. It is interesting to see the uptake of Google Chrome browser within the hacking community.
15$ is cheap, certainly compared with the latest licensed version of Zeus builder with the price in the range of about 1000$. Considering its high price, Zeus customers must be making much more through stealing banking credentials, confidential data and spamming to achieve a reasonable ROI, though if most botnet owners are as unexperienced as these their profits must be expressed in negative numbers.
Looking at all the forum posts I am amazed by the number of people ready to start earning money in an illegal way and this is just one of many hacking forums. I really hope that there are many computer security companies (like Sophos) and law enforcement agents present to track and prevent illegal activities. In fact, who knows, perhaps the forum is actually setup by one of the law enforcement agencies? Wannabe hackers, beware!