Researchers at Kaspersky Lab, a global computer security firm based in Moscow, said the online forum appears to be run by a Russian speaking group. It offers access to hacked mainframes owned by governments, companies and universities in 173 countries, unknown to the servers legitimate holders. Access goes for as little as $6 for a compromised server. Each comes pee-equipped with a variety of software to mount denial-of-service attacks on other networks, launch spam campaigns, illegally manufacture bitcoin currency or compromise online or retail payment systems. Starting at $7, buyers can gain access to government servers in several countries, including interior and foreign ministries, commerce departments and several town halls,
Costin Raiu, director of Kaspersky’s research and analysis team, said “the market might also be used to exploit hundreds of millions of old, stolen email credentials reported in recent months to be circulating in the criminal underground”. Stolen credentials are just one aspect of the cybercrime business, Raiu told Reuters in an interview. In reality, there is a lot more going on in the underground. These things are all related. The marketplace goes by the name xDedic. Dedic is short for dedicated, a term used in Russian online forums for a computer under remote control of a hacker and available for use by other parties.
XDedic connects vendors of compromised servers with criminal users. The market’s owners take a 5 percent up-front fee on all money put into trading accounts. Kaspersky found the machines run remote desktop software widely used by network administrators to provide technical support for Microsoft Windows users. Access to servers with high capacity network connections may cost up to $15. Low prices, searchable feature lists that advertise attack capabilities, together with services to secure illegal consumers from becoming detected attract buyers from entry-level cyber criminals to state-sponsored espionage groups.
An anonymous Internet service provider in Europe warned Kaspersky to the existence of xDedic. High-profile targets include a U.S. aerospace firm, banks in the United States, Philippines, Kazakhstan, Jordan, Ghana, Cyprus, South Korea and Saudi Arabia, chemical firms in Singapore and Thailand and oil companies in China and the United Arab Emirates.