What Cybercriminals do to Make Money

What cybercriminals do to make money is based on an analysis of what works.  Hackers experiment with different types of cybercrime to understand the types of cybercrime that are most profitable.

Most hackers rely on extortion as the primary technique for monetizing their stolen information. Extortion has been a successful form of cybercrime for years. But there are many other ways that hackers can make money besides extortion.  We examine and explain many of these methods.

Some people hack for the thrill, but the primary intent of malicious hacking for financial gain. With the right skills, any hacker can earn money.

Cybercriminals sell credit card data to make money.

The simplest and most common way that hackers earn cash is to steal your credit card data. Credit cards are used all over the internet for purchases, memberships, sending money, etc. Credit numbers are stolen by compromising databases the contained saved credit card information or by intercepting the data while the transaction is in progress.

One high-profile attack involved over 300,000 British Airways customers. A malicious line of JavaScript called Magecart was used in this attack. Magecart allows hackers to steal credit card details when the script is placed into embedded payment pages. The Magecart script was an example of an attack where the hackers did not have to compromise databases but used a script to grab the credit card data during the transaction.

Cybercriminals sell personal data on the dark web to make money.

Some hackers make money by selling valuable information on the dark web. It is challenging to compromise confidential corporate databases, but it can also be very lucrative. Hackers need to penetrate the various layers of security to access up to hundreds of millions of records that contain personal information. This data is then often sold on the dark web or to private buyers who intend to use the information for fraud.

On the dark web, personal data and confidential credentials stolen from compromised databases are placed for sale. Personal data is a valuable asset and can be sold for millions. Those who buy the data will likely use it to commit identity theft.   Many hackers target big organizations and corporations, while others go after any organization with penetrable security walls.

Hotel chain Marriot was hacked in 2018. It was hacked again in 2020. Do we blame this kind of attack on the organization’s IT department, or blame the hackers? The hackers are responsible, but the IT department is liable for not securing the data correctly.

In some cases, senior hackers sell credentials to junior hackers and other fraudsters who commit phishing campaigns. These parties attempt to send emails used to spread malware. The malware could be a crypto-mining software, adware, or even ransomware. Each of these types of malware can make money for the hacker.

Cybercriminals use Botnets to make money.

The use of botnets is often in the news. A recent news story is about last month’s arrest of the man allegedly behind Mega-D botnet. Another news story describes the angry supporters of the WikiLeaks organization. They have voluntarily allowed the computers to be part of the LOIC (Low Orbit Ion Cannon) as part of Operation Payback.

Most botnets are used to facilitate criminal enterprise, with their primary purpose being to make money for the hackers in charge.  According to Martin Lee, a senior software engineer at Symantec Hosted Services, botnets can be defined as a system of computers that have been infiltrated with malware and placed under the control of a single individual.

When your computer gets infected by botnet malware, it is under the control of whoever wrote that malware. After infection, the computer contacts the control and command server. Then the person in control of the botnet can issue whatever instructions they would like. The instruction might be to send emails to specific or various email accounts, to connect with other PCs within the network, or to install additional software that will enable the malware to remain undetected as long as possible.

So what’s the next move by cybercriminals after they have built a botnet? How do hackers make money with botnets?

Cybercriminals make money with botnets by sending spam.

There are several ways that hackers can use to make money via botnets. Sending spam is one of the most common ways that hackers use to generate cash. People have become more cyber aware, and this leads to a low click rate on spam emails. Despite this, hackers are still able to make millions of dollars annually out of spam campaigns. These spam campaigns often sell products such as pharmaceuticals. A study on pharmaceutical spam has shown that most of the products are counterfeit or are the wrong dosage.

Although spam has a remarkably low response rate, the volume of spam sent by a botnet can make up for the gap. When millions of spam emails are sent, there is a consistent profit generated.

Hackers have realized that by shortening URL, they get more people to open their messages. Hackers have changed their tactics to allow them to launder or whitewash the actual URL that you see in the email.

A breakdown

Most of the emails that a spammer sends will not be delivered. Of those that are delivered, very few are opened by the targeted victims. Even if they do open the emails, very few will click on the links. Out of those who click the link, very few will buy the advertised products.

Only an incredibly tiny fraction of the sent emails will be successful. But it costs very little for hackers to send many millions of spam emails.  So,  spamming is still a lucrative way for hackers to make money.

Cybercriminals steal money from bank accounts.

Competent hackers aim at financial institutions to attempt to bypass the A-class security systems. Malware can be utilized by hackers to steal from online bank accounts. An unknowing user might be operating on an infected machine. The hidden malware waits until the user connects to a bank’s internet service, then the hacker takes over or steals the required credentials. The malware allows the victim to log in into their accounts and do their authentication and then takes over the connection. The software then injects money transfer commands into the system and hides those transactions so that the victim does not see their actual balance.

With malware in your PC, you cannot trust what is being displayed on your screen. The hacker has full control and controls what you see.

Cybercriminals make money by using denial of service (DOS) attacks to ask for Ransoms.

Another way that hackers make money is through a modern take on a very old scheme: the protection racket. The catch here is to look for a business that conducts most of its business online and then to take down their website until they pay their demanded cash.

If the attacked company does not pay the demanded cash, the hacker can direct the computers in their botnet to start requesting pages on the victim’s website. Since these are automated attacks, botnets can send hundreds of thousands of requests every second, thus swamping the website or slowing it down so much that it becomes practically impossible to use by the clients and the company staff.

According to past studies on such attacks, extortion demands often range between $10,000 and $50,000. In this range, victims are often more willing to pay the ransom than suffer the consequences of their sites being brought down and potentially losing more.

Stealing Intangible Goods.

Although only a few cases have been recorded, some hackers make money by stealing intangible goods. For example, a hacker might hack into one’s gaming account.  The hacker can then sell the intangible goods the player has accumulated or acquired in the game.

People spent significant time and money on online games. Hackers, therefore,  have developed Trojans that have been customized to steal credentials that are then used to access online games to steal intangible goods that have been acquired.  In Asia, a gang of hackers who specialized in selling intangible goods recently made at least $140,000.

Holding Information for Ransom

Another spin on the extortion angle, hackers make money by holding information on a victim’s computer for ransom. With the aid of malware, data is encrypted on the victim’s hard drive, and the information made inaccessible.  The person operating the botnet then demands payment to decrypt the drive. This method is rarely used but is one of the ways that hackers can use to make money.

Cybercriminals make money through online marketplaces

Some cybercriminals make a considerable amount of cash by abusing online marketplaces. The ease of shopping from the comfort of your home or office is fast making online marketplaces such as Flipkart, Amazon, Jumia, and eBay preferable mode of shopping globally. However, these online platforms usually require various significant credentials that can be easily harvested and use for numerous crimes by cybercriminals.

Fraud has gone up in the online marketplaces providing cybercriminals with ample opportunity to strike. Some of the methods that cybercriminals use to exploit online market places include:

  • Using stolen credit card details to buy expensive goods and other luxuries.
  • Impersonation – cybercriminals also make money by impersonating legitimate sellers. They then sell fake or non-existent items. There have been several incidents where customers complain of receiving items they never ordered for or counterfeit items instead of what they ordered. Such cybercriminals aim at convincing a pool of target victims into purchasing their fake goods and then disappear with the money without delivering any service or providing the ordered goods.
  • Money Laundering – cybercriminals often use online marketplaces as a channel to launder money. Using stolen or fake credentials, they create buyer and seller accounts. The phony buyer then purchases goods from the fake seller accounts at inflated prices.  The transactions can be used to trick the IRS that somebody legitimately earned the money.

Cybercriminals make money through cryptocurrencies

Cybercriminals use botnets and “crypto-jacking” to mine digital currency at the expense of victims who have no idea that they are taking part in the mining process. The popularity of bitcoin and the introduction of 1500 other digital coins or tokens have expanded attack surfaces in the cryptocurrency red-hot space hence drawing more criminals to exploit the weak-links.  The last two years have seen digital currencies grow into a mainstream asset as more financial institutions and corporations expand the use of the underlying blockchain technology.

With various “alt-coins” being launched every week, cybercriminals have come up with creative and complex techniques to gain financially from these launches. There has been a rise in mining fraud, scams against initial coin offering, crypto-jacking, and account takeovers.

Crypto-jacking is where cybercriminals use malware to take control of one’s browser and then use the victim’s PC to mine digital coins without their victim’s knowledge.

Money Money Money

There are some other ways through which hackers earn money than that we have mentioned above. For instance, there are hacking groups paid by governments to commit crimes for those nations. Others make money by being anonymous penetration testers. Hackers will continue to hack as long as there is money to be made.

Leave a Comment