The average price of a phishing kit sold on cybercrime markets went up by 149% in 2019, cybersecurity firm Group-IB said today.
In a report shared with ZDNet, which will go live later today, the company said it compiled these numbers by analyzing ads posted on known cybercrime markets and hacking forums.
Group-IB says the average price for phishing kits sold on the cybercrime underground skyrocketed to $304 in 2019, up from only $122 recorded in 2018.
Phishing kit prices rose despite an increase in the number of kit sellers (up by 120%) and the number of phishing kit ads (doubled in 2019).
Of the 16,200 phishing kits Group-IB identified and tracked in 2019, the company said the most targeted login pages were for Amazon, Google, Instagram, Office 365, and PayPal.
Amazon and PayPal are known targets of phishing operations, as access to both accounts can allow hackers to make fraudulent transactions with victims’ funds.
Access to Google and Office 365 accounts can often lead to compromises of corporate networks, which also explains why most phishing kits come with support for targeting the two services.
Instagram looks like the odd one out on the list, but it is not. In recent years, a cybercrime community has developed around the hacking and selling of high-user-count Instagram accounts.
Most of this trading takes place on a forum known as OGUsers, and this appears to have attracted phishing kit sellers to the site as well. Group-IB says that OGUsers is one of the top three cybercrime forums where phishing kits can be purchased, next to Exploit and Crimenetwork.
Phishing is harder now, so prices are going up
There are several reasons why prices for phishing kits increased in 2019. The primary one is that the efficiency of exploit kits has gone down in recent years as browsers have become harder to hack. This, in turn, has pushed more and more hackers to embrace email-based attacks as their primary method of breaching organizations.
Today, a large chunk of the cybercrime ecosystem is driven by email-based attacks. While most email attacks focus on delivering malware-infected files or luring users to sites where they can download malware, a large part of these attacks are also phishing attempts.
Phishing, which refers to luring a user to a web page hosting a fake login page, is underpinned by “phishing kits.”
These are web-based apps that bundle the phishing page itself, the code that collects the phished login details, and a collection of email templates that hackers use to lure victims to the phishing page.
Having access to a good phishing kit is a must, and the best phishing kits come with a large number of phishing templates and features to bypass email security systems.
Prices for phishing kits went up in 2019 because the kits have had to become more complex, constantly adapting to find new ways to bypass phishing protections. This constant development results in the addition of new features, which, just like in legitimate software, drive the price up.
There are other reasons as well. Buyers, for example, are learning from their past mistakes. Cheap or free phishing kits often contain backdoors, so most buyers have now learned to go for high-value products rather than free tools, which indirectly increases demand and pushes phishing kit prices up.
All in all, this is very good news. An axiom of the cyber-security sector is that hacking tool prices are proportional to a legitimate product’s security. The higher the price for a hacking tool, the harder a legitimate product is to hack. In other words, phishing kit prices going up in 2019 is excellent news, as this means email security systems are getting better at detecting attacks.