An online black market known as xDedic has a catalog of over 70,000 compromised servers, according to Kaspersky Lab.
The servers are in 173 countries and belong to businesses, universities and even government agencies — most of whom still have no idea they’ve been hacked. Worse, the hackers are peddling access to these servers for as little as $6.
Hackers at xDedic seem to have breached the servers using (relatively) simple trial-and-error methods and relied on known vulnerabilities, weak passwords and sometimes dumb luck. Once compromised, the hackers cataloged the servers’ software, browsing history and other details to help facilitate cheap sales with online buyers.
After purchasing, criminal hackers can use the servers to send spam, steal data and perform other nefarious acts while avoiding any real ties to the originating server. Once done, the hackers can then re-list the server for sale on the same marketplace.
According to Kaspersky:
“It is a hacker’s dream, simplifying access to victims, making it cheaper and faster, and opening up new possibilities for both cybercriminals and advanced threat actors.”
Kaspersky learned of the marketplace through a European ISP. While we’re still missing key details, it’s believed to have been created by Russians, and we know that it’s flourished for two years and had over 400 sellers as of May.
via PC World