4. BlackHole
Exploit Kit
First spotted in 2010
$500-$700 a month
$10,000/month pro version
Dmitry Fedotov (Paunch)
Togliatti, Russia
Earned $2.5m
Arrested 2013
5. Known Vulnerabilities
Vulnerability Disclosures Growth by Year
1996-2013 H! (projected)
10000
9000
8000
7000
6000
5000
4000
3000
2000
1000
0
2013 prediction of (1st half doubled)
6. Zero-Day Exploits for Sell
Provider Offering Remark/Source
End game
Systems
25 exploits/year
USD $2.5M
Source: Symantec Research Labs
Business Week
http://www.businessweek.com/magazine/cyber-weapons-
the-new-arms-race-07212011.html
Exodus
Intelligence
60 exploits/year Service Offering
https://www.exodusintel.com/rsrc/exodusintelligenc
e_EXP.pdf
ReVuin >9 exploits/year Minimum estimate by counting
exploits demonstrated here:
http://vimeo.com/53806381 (2013-09-27)
VUPEN >7 exploits/year
>15 to 20 binary
analysis and private
1-day exploits/month
Minimum estimate by counting list
of published exploits here:
http://www.vupen.com/blog/ (2013-09-27)
Service Offering:
http://www.vupen.com/english/services/ba-gov.php
8. Nikita Vladimirovich
Kuzmin, 25, Russian,
developed Gozi, arrested
2010
Deniss Calovskis, Latvian,
added web injects,
arrested 2012
Mihai Ionut Paunescu
(“Virus”), Romanian,
operating C&C, arrested
2012
Made tens of millions
9. Zeus
Botmaster
Hamza Bendelladj
24 years
Algerian
Arrested 2013 in Thailand
217 financial institutions
flying first class and living
a life of luxury
10. Money Mules
Eastern Europeans
working in the US
Given fake passports
to open bank accounts
Ringleader of the New
York-based money
mule gang was Artem
“Artur” Tsygankov,
a Russian citizen
living in New York
14. Marketplace for stolen information
online stores that
sell stolen card
data and
credentials
Associated with
hacking forums
“Helkern,” one of
darklife’s three
founders