When compared to the financial damage a cyberattack can create, the cost of most crimeware-as-a-service (CaaS) offerings looks like a bargain, based on the prices listed in a “Hacking Menu” compiled by network security firm WatchGuard Technologies.
Aspiring attackers with an appetite for mayhem can peruse the dark web to find and purchase virtually any hacking service one might imagine – often for just a few hundred bucks, with no coding experience required.
Featuring prices pulled from the websites of five crimeware service providers operating on the dark web, the menu offers a taste of the various decadent attacks currently available to would-be adversaries. SCMagazine.com is now revealing the contents of the menu in a first-run exclusive.
“Using a botnet in order to target companies to take them offline, stealing intellectual property and intentionally damaging hardware or software sound like complicated undertakings to most people. And they are. But they've never been more accessible,” Marc Laliberte, information threat analyst at WatchGuard,” said in an email interview with SCMagazine.com.
“Ultimately, crimeware-as-a-service (Caas) offerings like these make it much easier for less technically sophisticated individuals to gain access to fairly sophisticated computer and network attacks – they lower the barrier to entry significantly for cybercriminals. This means that in general, CaaS is a notable contributing factor to the recent increases in the volume and sophistication of cybercrime,” Laliberte continued. 
Click here or on the image above for a full view.
Although prices for CaaS attacks can fluctuate (as can the conversion rate between Bitcoins and the U.S. dollar), the amounts shown here represent a snapshot of time last week – and according to WatchGuard, remain accurate as of July 11, when the prices were checked again. WatchGuard has also confirmed that the prices shown here are generally reflective of the typical rates one would find perusing other dark web sites for the same services.
Still, WatchGuard found some interesting outliers during its research. For example, the company found one website offering a 24-hour, 400 Gbps distributed denial of service (DDoS) attack for three bitcoins or approximately $1,860, well above standard pricing. DDoS prices do tend to jump all over the map, due to variations in attack method and strength, but a more typical example included in this menu is .51 bitcoins, or about $316, Laliberte noted.
Bon appetit – if you have the stomach for it.
