Remember that time you were looking for a government server? No! It’s fine anyway, but next time you want a government server you can always get one for as little as $6.
It’s been revealed that an online black market has been selling government servers for as little as $6. The market which is known as xDedic already has a catalog of 70,000 compromised servers which are all up for sale. Kaspersky Lab researchers discovered the black market. According to them, the servers for sale are located in 173 countries, and most of them are used by the government, universities, and organizations. The security firm also noted that most of the hacked servers’ owners had no idea what was happening.
The hackers who work for the xDedic market managed to get hold of the servers through the trial and error method and use of different password combinations. The hackers also catalogued the server software, the browsing history, and various other details which might make it useful for the buyers.
Kaspersky wrote that every hacker desired to simplify access to victims, to make the route of passage cheap and faster, and also creating new channels and possibilities for future cyber attackers and advanced threat actors. The servers can be used to send spam, steal data such as credit card information, and also create various other types of attacks. The security company said that getting an EU country government server cost $6.
When a buyer is done doing what they want with the server, it is put up for sale again and as such creates an ever evolving inventory and income. Kaspersky said that they noticed the xDedic black market through a European ISP. Russian hackers might have created the marketplace, but they do not seem to have relations with those involved in the server market.
As of May, the black market has 416 sellers. Data shows that nine percent of the servers for sale are in Brazil, seven percent in China and six percent in Russia. 51 percent of the servers are put in the section ‘other’. Kaspersky mentioned that they had managed to identify some of the victims of the servers being held and had managed to notify them of the problem. The marketplace is active on the dark web, therefore, can’t be discovered through any major search engine, but it appeared it had been taken down on Wednesday.