PandaLabs, Panda Security’s research arm, released a sweeping report today on the cyber-underground.
In the report, PandaLabs chronicles a vast network selling stolen bank credentials and more on Internet forums and more than 50 dedicated online stores. Through their research, Panda got its hands on a trove of data about how the market for stolen information works. According to the company, the cyber-crime business diversified in 2010, and now sells a broader range of compromised information beyond the traditional banking credentials.
“A few years ago, it was just a question of the sale of a few credit card details,” the authors wrote. “Now, in addition to offering all types of information about victims -even the name of the family pet- other services are available, including physical cloning of cards or making anonymous purchases and forwarding the goods to the buyer.”
The prices for the data varied. PayPal accounts for example started at $10, but increased substantially if there was a guarantee of a minimum balance in the account.
In addition to the sale of stolen data, the report also touches on other aspects of cyber-crime, such as the botnet-renting business. The full report can be downloaded here (PDF).