An underground marketplace mimicking eBay for cyber criminals is selling access to over 70,000 compromised servers giving buyers an open door for cyber attacks worldwide security experts said.

Kaspersky lab researchers based in Moscow said the online forum looks to be run by Russian speaking individuals. They offer access to hacked computers mostly owned by governments, companies and universities in 173 countries.

Access goes for as little as $6 for an infected server coming pre-equipped with a variety of software to inject denial of service attacks, spam campaigns and illicitly manufacture bitcoin currency said researchers. For $7 one can gain access to government servers in several countries including interior and foreign ministries, commerce departments and several town halls said the director Kaspersky's director Costin Raiu. He said the market might also be used to exploit hundreds of millions of old, stolen email credentials reported in recent months to be circulating in the criminal underground. "Stolen credentials are just one aspect of the cybercrime business," Raiu told Reuters in an interview. "In reality, there is a lot more going on in the underground. These things are all interconnected."

The marketplace goes by the name xDedic. Dedic is short for dedicated, a term used in Russian online forums for a computer under remote control of a hacker and available for use by other parties.

XDedic connects sellers of compromised servers with criminal buyers.
Kaspersky found the machines run remote desktop software widely used by network administrators to provide technical support for Microsoft Windows users. Access to servers with high capacity network connections may cost up to $15.

High-profile targets include a U.S. aerospace firm, banks in the United States, Philippines, Kazakhstan, Jordan, Ghana, Cyprus, South Korea and Saudi Arabia, chemical firms in Singapore and Thailand and oil companies in China and the United Arab Emirates, Kaspersky found.

Raiu declined to name the organizations. He said Kaspersky has notified national computer emergency response teams in several countries.

SOURCE: UKREUTERS


For more information about Redport’s information assurance and cyber security services, visit www.redport-ia.com, email us at info@redport-ia.com, like us on Facebook, and follow us on Twitter@redport_ia.