Here criminals can buy attack tools for as little as $6. Attack /Defence tools against government organisation cost only $15.
Security experts have stated that there are markets on the darknet which act like eBay in which black hat hackers are selling access to more than 70,000 compromised servers across the globe. Cyber criminals typically buy such compromised servers to launch devastating cyberattacks on major companies across the globe.
As per researchers at Kaspersky, the eBay like forum appears to be run by a group of Russian speaking individuals. The forum offers access to hacked computer systems owned by governments, individuals and companies across 173 nations, without the knowledge of the computer system’s legitimate owners.
Access to a compromised server can be as little as $6. The access comes with an array of tools with which one can mount Denial-Of-Service (DOS) attacks, launch massive spamming campaigns, illicitly manufacture bitcoins and even compromise the payment system which retailers bank on, said the researchers at Kaspersky.
Access to government servers in multiple countries start at $7. This includes access to foreign as well as interior ministries, town halls, and commerce departments, said Costin Raiu, director of Kaspersky’s research and analysis team.
Circulating in this market is also the hundreds of millions of stolen login credentials that had made the news in recent months.
“Stolen credentials are just one aspect of the cybercrime business,” said Raiu in an interview. “In reality, there is a lot more going on in the underground. These things are all interconnected.”
This eBay like marketplace goes by the name of xDedic. Incidentally, Dedic is short for dedicated, a term that is typically used by Russians in the context of a Remote Administration Tool (RAT).
As per Raiu, the owners of the XDedic platform, take an upfront fee of 5% of the money put into trading accounts. The platform connects criminals buyers to hackers with compromised servers.
As per Kaspersky, the RAT tool used on the forum is widely used by network administrators to provide technical support to consumers using Microsoft Windows. Costs for high bandwidth connections could go as high as $15.
The low priced products, with the searchable features of XDedic, is a major draw since potential buyers can peruse though the capabilities of attack and defensive tools before they actually pay for the service. The defensive tools range from providing protection from entry level cyber criminals to state-sponsored espionage groups.
Raiu disclosed that an internet service provider in Europe alerted Kaspersky of the existence of the xDedic platform.
Much to Kaspersky’s surprise high profile targets include a well-known U.S aerospace firm, banks in the U.S, South Korea, Saudi Arabia, Jordan, Kazakhstan, Cyprus and Philippines. The list also include well known chemical companies in Thailand and Singapore as well as oil companies in China and the UAE.
While declining to specifically name the organisation on the target list, Raiu mentioned that the emergency response teams in the countries mentioned have been notified.
Categories: Economy & Finance, Geopolitics, Regulations & Legal, Strategy
manageria.biz 
Leave a comment