xorl %eax, %eax

How much is unauthorized access sold for?

leave a comment »

This is a hard question for a few different reasons. The simplest answer would be: As much as the buyer is willing to pay. And this is partially true. In some occasions buyers are paying very high prices in private to cyber-crimnals to avoid all the hassle and risks of a cyber intrusion operation, and just buy the confidential data or remote access to their target. Here I will present a quick study on the recent prices for access to victims’ networks from data I collected from various cyber-crime forums.



What you see above is an example of what I am talking about. Such posts are are occasionally appearing on underground forums such as Exploit, RaidForums, etc. My methodology was to collect the 100 most recent such offers that met the following criteria:

  • Stated the price
  • Provided privileged remote access (such as Domain admin)
  • Described the victim (name, size, etc.)
  • Described the country of the victim

So, I collected 100 such entries which go back to mid-June 2020. Then I did some research on LinkedIn and other open sources to enrich the listings and here are my final results:

  • Average price is $7,768
  • 48% of the victims had less than 500 employees
  • 81% of the victims were from the private sector
  • Most victims were from the USA (34% of all listings)
  • Financial sector was the most targeted industry (24% of all listings)

I know that people like visualizations, so here you can find some graphs I generated.



Written by xorl

August 26, 2020 at 20:33

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s