17 June 2016 Current Affairs: Kaspersky Lab researchers have investigated a global forum where cyber criminals can buy and sell access to compromised servers for as little as $6 each.
The xDedic marketplace, which appears to be run by a Russian-speaking group, currently lists 70,624 hacked Remote Desktop Protocol (RDP) servers for sale and India ranks fourth in hacked servers with 3,488 compromised servers listed on xDedi as of May 2016.
According to the investigation, many of the servers host or provide access to popular consumer websites and services and some have software installed for direct mail, financial accounting and Point-of-Sale (PoS) processing.They can be used to target the owners' infrastructures or as a launch-pad for wider attacks, while the owners, including government entities, corporations and universities, have little or no idea of what's happening.
xDedic is a powerful example of a new kind of cybercriminal marketplace: well-organized and supported and offering everyone from entry-level cybercriminals to APT groups fast, cheap and easy access to legitimate organizational infrastructure that keeps their crimes below the radar for as long as possible.
xDedic is further confirmation that cybercrime-as-a-service is expanding through the addition of commercial ecosystems and trading platforms. Its existence makes it easier than ever for everyone, from low-skilled malicious attackers to nation-state backed APTs to engage in potentially devastating attacks in a way that is cheap, fast and effective.
A European internet service provider (ISP) alerted Kaspersky Lab to the existence of xDedic and the companies worked together to investigate how the forum operates.
Kaspersky Lab is a global cyber security company founded in 1997 and has deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe.