Compromised online accounts for sale
The recently unearthed website of a service specializing in selling access to compromised email and social networking accounts of Russian and Ukrainian users offers a fascinating glimpse into just how much one such account is worth to spammers.
According to Webroot’s Dancho Danchev, the service offers access to Facebook, Twitter, LiveJournal, Vkontakte and other social networking accounts, as well as to email accounts opened with Mail.ru, Rambler.ru, Yandex.ru and Qip.ru.
Wannabe spammers and social engineers can choose to buy accounts by the service, and should be ready to pay 190 rubles ($5.9) for 100 compromised Vkontakte accounts belonging mostly to Russian users, or 180 rubles ($5.6) for the same number belonging to mostly Ukrainian users.
Facebook accounts are somewhat cheaper – 500 for 200 rubles ($6.2), and the same number of compromised Twitter account can be had for 250 rubles ($7.7).
And compromised email accounts are cheaper still:
If the owners of the site and service are to be believed, most of these accounts were compromised through social engineering and brute-forcing.
“What this service offers is an easy entry into the world of cybercrime for average cyber criminals looking for fresh platforms to further disseminate their social engineering campaigns attempting to trick users into interacting with their fraudulent scheme,” Danchev comments.
“Once a compromised accounts gets resold, the new owner will abuse the “chain of trust’ and attempt to serve malware and launch social engineering attacks such as, for instance, phishing knowing that users are more likely to trust a message or a Wall post from a trusted friend. That’s their way of achieving a positive ROI (return on investment) on their initial purchase.”