
The business model for botnets - raleighm
https://www.technologyreview.com/s/611123/inside-the-business-model-for-botnets/
======
nugget
>30,000 bots [generate] well over $20 million a month of profit

that's $666/month per user

>“Re-infection costs have been estimated at $0.0935 per device,” say Putman
and co.

>For example, potential botnet masters can make use of pay-per-installation
services to set up the network. These can be bought on the dark web, with a
fixed fee of 2 to 10 cents per device for installing the malware.

So I can buy bots for 10 cents per device and make "well over" $3/day on them?
Not sure the math adds up on this one.

~~~
Doxin
I assume it works the same way as renting a server. you can get a vpn for $10
a month and it's not unimaginable to make 30 times that back with whatever
service you run atop that.

------
johntiror
_The team say that distributed denial-of-service attacks using a network of
30,000 bots can generate around $26,000 a month. Spam advertising with 10,000
bots generates around $300,000 a month, and bank fraud with 30,000 bots can
generate over $18 million per month. But the most profitable undertaking is
click fraud, which generates well over $20 million a month of profit._

Does anyone know how those hacks can generate revenues? I mean how can a DDOS
generate revenue? What kind of bank fraud can a botnet do? How can click fraud
generate profit (I guess if you suddenly receive $20 million on your adsense
account google will immediately ban you)?

~~~
bostik
> _I mean how can a DDOS generate revenue?_

You rent out the capacity. Few hours of N Gbps flooding, courtesy of 20-30
thousand compromised home systems and IoT shitware units: tens to maybe low
hundreds of dollars.

Now assume that's only a couple of percent of the total capacity under the
botnet's control. Also, there are 24 hours in a day - once the current
blaster's rental time expires, you have another one lined up already.

I recall seeing numbers in some fairly old Krebs article, but can't find it
right now.

~~~
graystevens
Spot on - they’re often referred to as ‘stressers’ or ‘booters’, and can make
a nice chunk of money. There’s always someone looking to knock someone off of
Xbox Live or PSN, or even chance it and try to take down a popular website.
Depending on the technique used and the size of the botnet, you can cause some
sysadmins or SOCs a headache.

I’m sure anyone else in the ISP industry will tell you that anytime kids are
off school (summer holidays or half term here in the UK) the DDoS alerts go up
a notch or two.

~~~
krageon
A bit more than two notches I'd say. The correlation between those is pretty
enormous.

------
cypherg
these numbers are utter shit

