Thursday, February 03, 2005

The wages of sin (hacking)

According to an article in Computerworld, they can be considerable.

"The black-market price for exploit code for a known flaw--such as some of the recently announced Internet Explorer flaws--is between $100 and $500. That's the price if no exploit code is available; after the exploit code is made available on public forums, the price drops to zero. Exploit code for an unknown flaw is--not surprisingly--considerably more valuable: Prices for unknown exploits range between $1,000 and $5,000. Among the buyers of those codes are various foreign governments, foreign and domestic organized crime groups, and iDefense, a company that buys the exploits then informs its clients of the flaw."

"Want to know who has your e-mail address? Get in line. A list of 5,000 IP addresses of computers infected with spyware and ready and able to go into 'bot' mode goes for $150 to $500. If you're in the black market for a list of 1,000 working credit card numbers, expect to fork over between $500 and $5,000..."

"What do these black-hat hackers working for spammers make for their trouble? According to Loveless, the annual salary of a top-end, skilled black-hat hacker working for spammers is between $100,000 and $200,000."



Post a Comment