Danny Palmer
| November 18, 2021
| Topic: Security
The problem with passwords
Watch Now
Botnets are one of the key drivers of cyberattacks, used to distribute malware, ransomware and other malicious payloads – and dark web forums are now offering lessons on how to make money from them, a move that is likely to increase the threat over time.
Infected computers and devices in a cyber criminal-controlled botnet can be used to send phishing emails or malware to even more devices. It’s common for botnet operators to lease out their collection of unwittingly controlled machines – which can number in the thousands – to other cyber criminals.
For example, TrickBot malware ropes machines into a botnet, providing the attacker with a backdoor into them. That access is often sold to cyber criminals who can then use them to deploy ransomware, using that access to encrypt files and demand a significant ransom payment. Many botnets are used to steal usernames and passwords, while others will take the processing power of the machines they control and lease them out to launch DDoS attacks in order to overflow websites with traffic and take them down.
SEE: A winning strategy for cybersecurity (ZDNet special report)
Botnet operators can, therefore, make significant sums of money, and now there are dark web operators who are offering online courses to train others on using botnets – and they operate much like their legitimate counterparts teaching cybersecurity and other skills in online courses.
Cybersecurity researchers at Recorded Future analysed advertising and activity in a botnet school on a prominent underground forum and found that these courses are in demand – something that could be a potential issue for organisations that might be targeted by cyber criminals learning these skills.
“It’s essentially like as if you’re in college,” Danny Panton, cybercrime intelligence analyst at Recorded Future told ZDNet. “You’ll have a director and they’ll be virtually teaching you – I don’t believe cameras are going to be on the person – but they have access to a platform and are taught insights into what you need to do to leverage botnets against potential victims.”
Those teaching the courses include individuals who run large botnets themselves. The courses aren’t cheap – they cost over $1,400 dollars – but promise to provide even novice cyber criminals with knowledge on how to build, maintain and monetise botnets.
“It really is a range of cybercrime experience and levels. You might have people who are seasoned cybercrime fraudsters, but aren’t really familiar with using botnets,” Panton explained. “Then there are people who are just completely new to cybercrime as a whole and just are curious and want to become better seasoned and increase their skills,” he added.
Given the nature of the cybercrime world, some might be suspicious that if they hand over money to take part in the course, they’ll be scammed and get nothing in return. But it seems like legitimate a service and the course is subject to reviews, which suggest that the botnet school really offers what it says it does. If it was a scam, it wouldn’t have lasted so long.
Security TV
|
Data Management
|
CXO
|
Data Centers