Security & Fraud

Hacked Servers Sell For $6 On The Dark Web

Faster payments fraud

Kaspersky Lab researchers exposed a massive global underground market selling more than 70,000 hacked servers from government entities, corporations and universities for as little as $6 each.

The cybersecurity firm said the newly discovered xDedic marketplace currently has a listing of 70,624 hacked Remote Desktop Protocol (RDP) servers for sale. It’s reported that many of the servers either host or provide access to consumer sites and services, while some have software installed for direct mail, financial accounting and POS processing, Kaspersky Lab confirmed.

Costin Raiu, director of Kaspersky Lab’s global research and analysis team, said:

“XDedic is further confirmation that Cybercrime-as-a-Service is expanding through the addition of commercial ecosystems and trading platforms. Its existence makes it easier than ever for everyone, from low-skilled malicious attackers to nation-state-backed APTs to engage in potentially devastating attacks in a way that is cheap, fast and effective. The ultimate victims are not just the consumers or organizations targeted in an attack but also the unsuspecting owners of the servers. They are likely to be completely unaware that their servers are being hijacked again and again for different attacks, all conducted right under their nose.”

The global forum enables cybercriminals to both purchase and sell access to the compromised servers and represents what Kaspersky Lab describes as a “new kind of cybercriminal marketplace.”

The platform is well-organized and easily provides quick and cheap access to legitimate organizational infrastructure.

According to Kaspersky Lab, the xDedic marketplace may have started back in 2014 but has grown significantly since. As of May 2016, it listed 70,624 servers from 173 countries for sale and posted under the names of 416 different sellers.

Kaspersky Lab provided the following recommendations to organizations:

  • Implement multi-layered approach to IT infrastructure security that includes a robust security solution
  • Use of strong passwords in server authentication processes
  • Establish an ongoing patch management process
  • Perform regular security audits of IT infrastructures
  • Invest in threat intelligence services


Latest Insights: 

The Payments 2022 Study: Building A High-Performance Payments Team For Fraud Detection, a PYMNTS collaboration with Stripe, examines how digital platforms of all sectors and sizes plan to develop their anti-fraud teams as part of their their broader growth and development strategies. Drawing from an extensive survey from approximately 250 payments heads at digital platforms in the U.S. and abroad, our study analyzes how poor anti-fraud capabilities can harm platforms’ long-term growth strategies, and how they can build high-performing teams to tackle these challenges.

Click to comment


To Top