According to this article There is a thriving black market for support for cybercrime , the article refers to a key note (1 hour 18 min video.) given by the Lead Investigator from the Center for Internet Epidemiology and Defenses
They claim the black market pricelist is:
- 1,000 compromised host $5
- DDoS attack for one hour $8
- Solve 1,000 captchas $1
Besides the above mentioned services it is also possible to buy hosting for your C&C server or rent BotNets for other purposes, such as spamming, malicious code delivery or other actions. There is also a thriving market for zero-day vulnerabilities, collections of email addresses or credit card details and malicious source code.
My opinion of this market analysis is that there is a consolidation and specialization happening in the black hat hacker community. It is a if, money and profit is the primary motivator for conducting cyber crime. The providers of captcha solving services is using people instead of software, as it is cheaper to pay a third world person $1 for eight hours of work to type on the keyboard.
Fore more information Symantec released this report on the underground economy in 2008 (PDF)