Skip to main content
  1. Home
  2. Computing
  3. Web
  4. News

The demand for hacking tools and malware is greater than the current supply

Add as a preferred source on Google

A 34-page report published by Positive Technologies reveals a high demand for malware creation on the dark web: Three times greater than the current supply. The report is based on 25 Russian and English-based dark web sites with around 3 million registered individuals to reveal the most-popular malware in use today, the cost of attack services, and more.

“Such utilities are becoming increasingly available as a result of partner programs, malware leasing, and as-a-service distribution models,” the firm states. “This trend is not only causing a rise in the number of cyber-incidents, but seriously hindering investigative efforts to properly attribute attacks.”

Recommended Videos

What is the dark web? Of all the internet pages available on the web, only four percent are indexed in search engines. The remaining “hidden” pages fall into the “deep web” consisting of private forums, databases and other resources both legal and illegal. It’s this illegal portion that falls under the dark web banner: A place you should never, ever visit without full protection.

On the dark web you’ll find the “shadow market,” a place where illegal products and services are sold. Most of what you’ll find on this market can be split into four categories: Malware (ransomware, miners), Exploits (known, zero-day), Data (credit cards, banking), and Access (user credentials).

Image used with permission by copyright holder

Currently, the most widely used malware is the cryptominer, which seizes PCs and mines digital coins for hackers. In second place are hacking utilities followed by botnet malware, Remote Access Trojans, and ransomware. The remaining 55 percent deals with creation and distribution.

On the pricing front, the most expensive “service” can cost more than $4,500 for attacking an organization, depending on the difficulty. Malware designed for attacking ATM machines has a starting cost of $1,500 while compromising a website to gain full control can cost a mere $150. But that’s just a sample: Any type of attack is possible if you have the funds, such as a DDoS attack for around $50 per day.

The average cost of malware in dollars. Image used with permission by copyright holder

According to the report, the most requested hack-for-hire request is finding vulnerabilities followed by accessing email accounts. Social network account and email hacks are at the top of the commonly offered services list, as these attacks are supposedly the easiest to perform.

The report also notes the prison time you’ll receive for hacks and attacks. For instance, hacking the accounts of U.S. government officials will land you a five-year prison sentence while conducting a DDoS attack requires a minimum of one year in prison. If you want a long-term stay, managing a shadow service will place you behind bars for 35 years.

Positive Technologies ultimately points out that the fight against cybercriminals is only getting harder. Just in the first quarter of 2018 alone, the number of hacker-related incidents was up 32 percent versus the same quarter in 2017. The fact that the demand for new hacking tools is greater than the current supply is alarming enough.

A good way to protect yourself is to routinely change passwords, use two-factor authentication, biometrics, and/or use physical USB-based security keys.

Kevin Parrish
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
Apple’s Hide My Email feature has an unfixed bug that leaves email addresses exposed
100% exploitable in limited testing, known since June 2025, and still unfixed as of today.
apple-merging-sign-in-with-apple-hide-my-email-icloud+

Apple has been selling Hide My Email to keep your real email address hidden, but it has a vulnerability that does the exact opposite. The worst part is that the company has known about it for a year. 

Hide My Email, part of Apple’s paid iCloud+ subscription, lets users generate anonymous email addresses for signing up to a website, so that their personal or work email remains free of promotional emails and spam. 

Read more
I hate sharing my Mac, but a face-unlocking app finally cured my privacy paranoia
Someone finally built the app locker every Mac user has been asking for.
FaceGate in action on Mac

If you have ever handed your Mac to a friend, family member, or coworker for "just a minute," you know the mild panic that follows. Sure, your Mac has a lock screen, but once someone is past it, they can open Messages, Photos, Notes, Mail, WhatsApp, and your browser.

iPhones had the same issue, but Apple solved it by adding an app lock feature with the iOS 18 update. Sadly, no such feature exists for macOS. That’s where the new FaceGate app for Mac can help you. It’s a free and open-source app that lets you lock apps on your Mac and even has some novel tricks up its sleeve. So, let’s talk about it, shall we?

Read more
The charm of a tiny Windows tablet is apparently dead at Microsoft. Long live the Surface Go!
Microsoft’s budget Surface era may be over
Microsoft Surface Go 3 stand.

Microsoft might be cleaning up its Surface lineup. According to Windows Central, Microsoft has stopped manufacturing the Surface Go and Surface Laptop Go lines, with no successors currently planned. Surface Go 4 and Surface Laptop Go 3 are reportedly out of stock in most places, and once remaining retail stock is gone, that may be it.

If this is true, then we are looking at the end of the brand's budget Surface PCs as Microsoft has plenty of premium Windows hardware.

Read more