Wednesday, April 30, 2025
HomeBackdoorCybercrime as a Service - Hackers Selling Ransomware, RDP logins and Credit...

Cybercrime as a Service – Hackers Selling Ransomware, RDP logins and Credit Card Details on the Underground Markets

Published on

SIEM as a Service

Follow Us on Google News

The underground markets flooded with a number of hacking tools that can be used to perform various malicious activities in the form of Cybercrime as a Service.

All these tools and services are offered at various pricing range, there are here are a number of dark web markets available such as Berlusconi Market, Empire Market, Wall Street Market, DreamPoint.

An analysis by Eset estimates the cost of products on the dark web markets and their prices.

- Advertisement - Google News

RaaS

A ransomware-as-as-service is a service allows attackers to host their service in dark web which allows anyone to buy and use the services with their own modifications.

Eset spotted a wide range of ransomware packages for sale on the dark web, the criminals offering Updates, technical support, access to C&C servers.

Also Read: Hackers Offering DDoS-for-Hire Service Powered by Bushido Botnet in Dark Web Markets

RDP Logins

RDP logins sold on the dark web markets giving access to various RDP servers around the globe and the price varies between US$8-15 per server based on country and operating system.

“After buying such access, a cybercriminal might then use it to run ransomware or perhaps to install more discreet malware, such as banking Trojans or spyware.”

Servers for DDoS attacks

Cybercriminals put botnets on sale for launching DDoS attacks or for sending spam emails. the price varies depends on the service and how long you are to use the botnet.

The price ranging from 1 to 24 hours, an example indicates for three hours it costs US$60.

PayPal and credit card accounts

Credit card and Paypal details are for sale in various dark web stores and the charges about 10% of the total credit available in the stolen account.

Some cybercriminals also show what are the tools that they have used in conducting the phishing activity.

So, we can see that cybercriminals, hidden by tools that give them a certain degree of anonymity, have put together a profitable criminal industry, which includes everything from advertising and marketing to customer service, updates, and user manuals.  ESET Said.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read: Cybercrime-as-a-Service – DDoS Attack Services Available in Dark Web Markets for $10 per Hour

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Trellix Launches Phishing Simulator to Help Organizations Detect and Prevent Attacks

Trellix, a leader in cybersecurity solutions, has unveiled its latest innovation, the Trellix Phishing...

AiTM Phishing Kits Bypass MFA by Hijacking Credentials and Session Tokens

Darktrace's Security Operations Center (SOC) in late 2024 and early 2025, cybercriminals have been...

Nitrogen Ransomware Uses Cobalt Strike and Log Wiping in Targeted Attacks on Organizations

Threat actors have leveraged the Nitrogen ransomware campaign to target organizations through deceptive malvertising...

Researchers Reveal Threat Actor TTP Patterns and DNS Abuse in Investment Scams

Cybersecurity researchers have uncovered the intricate tactics, techniques, and procedures (TTPs) employed by threat...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Trellix Launches Phishing Simulator to Help Organizations Detect and Prevent Attacks

Trellix, a leader in cybersecurity solutions, has unveiled its latest innovation, the Trellix Phishing...

AiTM Phishing Kits Bypass MFA by Hijacking Credentials and Session Tokens

Darktrace's Security Operations Center (SOC) in late 2024 and early 2025, cybercriminals have been...

Nitrogen Ransomware Uses Cobalt Strike and Log Wiping in Targeted Attacks on Organizations

Threat actors have leveraged the Nitrogen ransomware campaign to target organizations through deceptive malvertising...