A botnet is on sale on the dark web with a capacity of 1.3 million bots for successful attacks. The dark web seller who joined the hacker forum on June 7, 2023- stated that it was his botnet. The dark web botnet sale message read that the bots were “located in Asia/Europe”.
The seller offered access to the botnet of 1.3 million bots in two parts – Loader and Panel for stealer. “Last access price: $1k / 2 spots,” read the message about the dark web botnet sale.
1.3 Million Bots on the Dark Web Botnet Sale
The seller noted that the botnets on sale were online on a regular basis. They posted a screenshot of the panel to be used to access the features of the botnet with 1.3 million bots.
Threat Intelligence platform Falcon Feeds posted the above Advertisement screenshot on Twitter/ X.
The screenshot shows that other versions of the botnets were sold for 52,000 and 53,000 respectively. The former was paid by those wanting to launch cyber attacks using the 1.3 bots for a lifetime subscription.
The latter was paid by cybercriminals to buy it for a lifetime subscription with updated bots. Detailing about what updated bots meant, the advertisement read, “… the term updated bots refers to the fact that if bots from 1.3m bots are lost, you will not have new ones…”
It further added that the seller updates newer bots to the existing selection which can be used by the buyer. “… you have every right to resell bots, to use them for any purpose other than ransomware or killbots,” indicating that these can deploy ransomware.
Moreover, after launching a botnet attack on a server, they can share the malware with others so they can target infrastructure as they please.
Botnets are largely used to launch Distributed Denial of Service (DDoS) attacks that send a high number of requests on a website or network that it could not take. This may crash the system leaving services inaccessible to users.
Access to 1.3 million bots, as advertised in the dark web botnet sale message for a thousand dollars, speaks of troubling news for the organizations. Several hacktivist groups launch DDoS attacks on websites to avenge action by the government of a specific minority.
The above screenshot of the dark web sale of 1.3 million botnets had the flag of the United States circled leaving the others. The highlighted portions on the map included almost all of India, likely hinting at the presence of the botnets in the region.
Token Drainer Sold on the Dark Web
Dark web sales of malware and announcements of black hat hacking competitions have increased significantly in the recent past. Among the others was Cerberus Drainer, which was sold on the dark web with the capability to drain tokens and NFTs.
The advertisement for the Cerberus Drainer indicated that it was a second version of the tool. This cryptocurrency drainer was claimed to check the hacked user’s wallet and eventually make transfers. It was made better than the previous version with increased detection evasion capabilities.
Cerberus Drainer was promised to impact over 30 networks with flexible drainer settings on the panel suggesting the increased effort and skill put into cybercrime.
On the bright side, the dark web marketplace called Piilopuoti was taken down with the collaborative effort of the Finnish Customs (Tulli), and the European partners. This dark web marketplace has been used to sell drugs and illegal commodities since May 2022.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
