Cybercriminals are a resourceful bunch but underground marketplaces selling hacking tools are making it even easier for them to conduct their nefarious businesses. One of these marketplaces is xDedic, where you can find almost anything for attackers to launch attacks on unsuspecting individuals and organisations, including 70,624 compromised servers selling for as little as $US6 each. A portion of those servers are from Australia.
Shady businessman image from Shutterstock
xDedic is like the Ebay for cybercriminal. It’s run out of Russia and doesn’t sell anything itself. Instead, it has a bunch of sellers that can sell access to compromised servers. Security Vendor Kaspersky Lab has been tracking xDedic activities and has found that, as of May, access to 70,624 hacked servers were being sold on the marketplace.
The servers, which are accessed through remote desktop protocol (RDP) software, originate from 173 affected countries and three per cent of them are from Australia. These servers belong to a range of government entities and private organisations.
According to Kaspersky Lab:
“Purchasing access to a server located in a European Union country government network can cost as little as $US6.
The one-time cost gives a malicious buyer access to all the data on the server and the possibility to use this access to launch further attacks. It is a hacker’s dream, simplifying access to victims, making it cheaper and faster, and opening up new possibilities for both cybercriminals and advanced threat actors.”
xDedic sellers pride themselves on providing a great customer experience too, offering technical support and special tools to patch hacked servers allowing buyers access different services at once.
Kaspersky Lab said it has reported the marketplace to appropriate authorities and is assisting in an ongoing investigation.
[Via Kaspersky Lab]