Bangalore: If the unlimited virus concerns are troubling you, then there's more. Now, botnets are available on rent for as cheap as $67 for 24 hours or $9 for an hour. This empowers anyone to launch distributed denial of service (DDoS) attacks, sell fake antivirus software and relay spam to unsuspecting email users via millions of compromised PCs.
The cyberpunks are unanimously, hawking their wares via online forums and banner advertising. This readily reduces the barriers to entry for criminals who can't code, empowering relatively unskilled cyber criminals to inflict major damage and financial loss. "Organizations need to be wary of the fact that their critical online applications or services could be taken down in under a day by a criminal renting services from bot herders," said Rick Howard, director of intelligence at iDefense, a VeriSign's security intelligence service. It was an iDefense report that highlighted the entire botnet selling picture.
The business impact is witnessed when it's revealed that Zeus, a botnet which is around 3.6 million compromised PCs in the U.S.alone, is sold in the criminal underground as a kit for around $3,000-4,000. In June 2009, security company Prevx discovered that Zeus had compromised over 74,000 FTP accounts on websites of such companies as the Bank of America, NASA, Monster, ABC, Oracle, Cisco, Amazon, and BusinessWeek The full-fledged botnet comes with different add-ons and price tags for, instance an upgrade for attacking Windows 7 or Vista is priced at $2,000 or for Jabber IM broadcasting to receive stolen data in real time it costs $500. So, soon any whiz kid, who wants to opt for easy money can ease his appetite with a little cash, at the cost of financial security of others.