Cybercrime market sells servers to hack for $6
An underground marketplace mimicking eBay for cyber criminals is selling access to over 70,000 compromised servers giving buyers an open door for cyber attacks worldwide security experts said.
Kaspersky lab researchers based in Moscow said the online forum looks to be run by Russian speaking individuals. They offer access to hacked computers mostly owned by governments, companies and universities in 173 countries.
Access goes for as little as $6 for an infected server coming pre-equipped with a variety of software to inject denial of service attacks, spam campaigns and illicitly manufacture bitcoin currency said researchers. For $7 one can gain access to government servers in several countries including interior and foreign ministries, commerce departments and several town halls said the director Kaspersky's director Costin Raiu. He said the market might also be used to exploit hundreds of millions of old, stolen email credentials reported in recent months to be circulating in the criminal underground. "Stolen credentials are just one aspect of the cybercrime business," Raiu told Reuters in an interview. "In reality, there is a lot more going on in the underground. These things are all interconnected."
The marketplace goes by the name xDedic. Dedic is short for dedicated, a term used in Russian online forums for a computer under remote control of a hacker and available for use by other parties.
XDedic connects sellers of compromised servers with criminal buyers.
Kaspersky found the machines run remote desktop software widely used by network administrators to provide technical support for Microsoft Windows users. Access to servers with high capacity network connections may cost up to $15.
High-profile targets include a U.S. aerospace firm, banks in the United States, Philippines, Kazakhstan, Jordan, Ghana, Cyprus, South Korea and Saudi Arabia, chemical firms in Singapore and Thailand and oil companies in China and the United Arab Emirates, Kaspersky found.
Raiu declined to name the organizations. He said Kaspersky has notified national computer emergency response teams in several countries.
SOURCE: UKREUTERS
For more information about Redport’s information assurance and cyber
security services, visit
www.redport-ia.com,
email us at
info@redport-ia.com,
like us on
Facebook, and follow us on
Twitter@redport_ia.