Who wants to be a millionaire?
Botnets and DDoS, these words are never too far apart. However, DDoS is just the tip of the iceberg for what botnets are actually used for in the cybercrime community. Money talks - and botnets are the supply side of cybercrime that drive multiple different campaigns like phishing, exploit kit delivery, adware and banking trojans.
This talk uncovers the complex structure of cybercrime and how most criminal campaigns are linked to botnets as their supply and delivery mechanism. We will explore the economy of cybercrime and calculate in figures the amount of money renting a botnet or building a botnet can profit cybercriminals. You will learn exactly how and what botnets are used for outside DDOS and you will walk away understanding how phishing/spam emails or banking trojans link back to botnets. Afterall, how can you protect against criminals without understanding them?
Finally, I will present my 2019 Crime Economy which I’ve designed that maps out the hierarchy and the revenue streams derived from hiring botnets to run coordinated campaigns. This aims to assist blue teams have a better understanding about the criminals they’re protecting against.
Lina Lau @inversecos is the ANZ Threat Hunting and Incident Response lead at Accenture Security. Her primary interests lies in botnets, malware and exploit development.