Have you ever wondered why talented people will work so hard to infect your computer? Yury Namestnikov, in a white paper for Kaspersky Lab, unraveled the Economics of Botnets. According to the author:
In the past ten years, botnets have evolved from small networks of a dozen PCs controlled from a single C&C (command and control center) into sophisticated distributed systems comprising millions of computers with decentralized control. Why are these enormous zombie networks created? The answer can be given in a single word: money.
So how much money can a crook make from a botnet? Here's the menu that Namestnikov details in his article.
- DDoS Attacks. Distributed Denial of Service Attacks, which simply flood a network with traffic, can render the network useless; no online sales, no advertising revenues. Unscrupulous companies will pay $50 to several thousand dollars for a botnet operator to shut down the competition.
- Theft of Confidential Information. Cybercriminals can sell stolen bank accounts for $1 to $1500 each.
- Spam. According to Kaspersky Lab data, about 80% of all spam is sent via botnets. A targeted mailing costs $70 to $1,000.
- Phishing. Phishers pay botnet operators $1,000 to $2,000 per month to protect their sites from detection using fast flux technology.
- SEO Spam. For $300 a month, webmasters can pay cybercrooks to create inbound links and boost their search engine results.
- Click Fraud. Website owners sell space for ads. In return, they collect a small fee for every click on that ad. A crooked site owner can employ a botnet to generate unique clicks on their ads and so boost income. Very little data is available on the extent of this fraud, but Namestnikov estimates that fraudulent clicks generated $33 million in 2008.
- Distribution of Malware. The average cost of installing malicious programs on one thousand U.S. computers is $120.
- Leasing the Botnet. A botnet of 100 machines rents for around $2,000 per month. The Shadow botnet, a network of over 100,000 zombies, sold for $36,000. Its creator was only 19 years old.
After reading the menu, consider the fact that a strong botnet can perform all of these services simultaneously. Now you know why some folks work so hard to infect your computers. And why you need to work hard in order to stay virus free.