Skip to main content

How Eastern European botnets make munney

I was intrigued to read that security researchers have uncovered a Web portal (opens in new tab) at that reportedly uses a humungous botnet to infect vulnerable PCs, charging clients for each successful PC infection.

The front end Web site at (CC is assigned to the Australian territories of the Cocos and Keeling Islands, in case you were wondering -Ed) appears to be innocuous, but newswire reports (opens in new tab)suggest it has a darker purpose.

The CIO newswire (opens in new tab), for example, claims that the operator of the site provides real-time information on the size and availability of the botnet, charging punters for using the botnet to infect computers with whatever malware the customer chooses.

The going rate for each successful infection of a vulnerable PC is around 20 US cents a pop - nice work if you can get it.

The CIO newswire asserts that this is slightly different than the service model used by the hackers behind the Gozi trojan (opens in new tab) and 76service schemes.

On the 76service service (huh? -Ed), clients pay for access to a form-grabber when they have already infected the machine.

This, says the newswire, makes each infection more expensive, since access is mostly exclusive and the trojan is already installed and operating on behalf of the buyer.

With, however, punters are really paying to infect the machine in the first place, with whatever malware the buyer chooses.

This is a more cost-effective (if that's the right terminology) method of achieving criminal aims, but, of course, is equally as illegal as the other two services...