Authorities Shut Down xDedic Marketplace For Buying Hacked Servers

The FBI, together with authorities from several European countries, have seized the domains and servers of xDedic, a notorious online marketplace where cyber-criminals would sell and buy access to hacked servers. From a report: The site has been around since 2014, but it became widely known after a Kaspersky report published in June 2016. According to the report, the site was operating as a registration-based online marketplace where several criminal groups would either put up for sale or buy hacked servers, usually in the form of compromised RDP (Remote Desktop Protocol) accounts. At the time, Kaspersky said the site listed nearly 70,000 hacked servers, for prices as little as $8 per server. [...] In Europol and FBI press releases published today, authorities announced that they've seized both the domains and the servers hosting the marketplace, effectively shutting down the site and gaining access to its list of customers.

$8 a server?

That's WAY better than AWS or Azure. Wish I'd got in on that.

Re:$8 a server?

Why would I want to buy a hacked server? It's hacked.

Oh, they're talking about selling access to hacked servers.

This site is crap. Sad. All the editors should repeat fifth and sixth grade. All of it, not just recess like last time.

Ahh the 90's...

We used to call them dumpsites, shell boxes, etc. Different time and place I guess, we didn't use them for harm so much as warez and porn. Sure some doubled as what you'd now call ddos booters but generally speaking that wasn't their goal. Kids today have no fuckin clue how life works.

Capatcha: lonely. Fitting and creepy slashdot.

Re:Ahh the 90's...

Good times, setting up eggdrops to idle in our Efnet channels 24/7.

Re:Ahh the 90's...

We used to call them dumpsites, shell boxes, etc.

That brings back some memories... Buying shell accounts specifically to run eggdrop bots on. I remember spending hours on IRC. Actually ended up becoming friends, in real life, with several folks I chatted with on Undernet.

RDP?

[klingens]

They sell RDP access to servers? Servers?
I presume Windows has a way better marketshare in the server space than previously thought, or just simply even worse security and patching than previously thought?
Is there any reason that ssh is a bad thing or are the customers there all script kiddies who are lost without a mouse and some button to click?

Re: RDP?

Usually the servers are hacked through the applications they host, although RDP bruteforce also happens.

Re:RDP?

I've known lazy people who have told me they port forwarded an RDP port direct from the internet to a windows server for remote access... Doesn't surprise me at all...

Re:RDP?

I worked for an insurance company, who provided health/life/medicare supplement insurance. Their remote access solution for contract salepeople was an MS terminal server exposed directly to the internet - they didn't even bother changing to a non-standard port because they were worried that would be too hard for the salespeople. Somehow they managed to keep this hidden from external PCI, HIPPAA, and CMS auditors. This was only 6 years ago.

Re:RDP?

[Vanyle]

It isn't that windows have better market shares, it is just that they are the ones that get hacked the easiest.

Re: RDP?

[JcMorin]

It blow my mind that when I come to a new Windows server. The default setting is that you don't see the IP address of someone trying to make connection and there is nothing to block or prevent someone trying one millions login in a row. Even basic ftp and email software have that.

Alternative

The better alternative is just to make an image of the server and encrypt the hell out of it so only the customer can see it's contents.

Problem solved.

buying servers vs buying access

buying SERVERS is one thing, but buying ACCESS to servers is another - the headline is very, very misleading - the headline makes it seem like people are able to buy the servers in that bloomberg article a while back

It wuz haxx0rz!

No matter what really happened.

Say HAXX0RZ!!1! for grate klikcz.

No surprise it's msmash posting crud again.

And this will accomplish...absolutely nothing

[gweihir]

Or rather it will make the situation worse, as the next marketplace to replace this one will just have better security. The way to fight this is improving server security, nothing else will help.