Russian online black market sells access to hacked servers
A MAJOR underground marketplace - acting like an eBay for criminals - is selling access to more than 70,000 compromised servers, allowing buyers to carry out cyber-attacks around the world, security experts said on Wednesday.
Researchers at Kaspersky Lab, a global computer security firm based in Moscow, said the online forum appears to be run by a Russian-speaking group. It offers access to hacked computers owned by governments, companies and universities in 173 countries.
Access goes for as little as US$6 (S$8) for a compromised server.
Each comes pre-equipped with software to mount denial-of-service attacks on other networks, launch spam campaigns, illicitly manufacture bitcoin currency or compromise online or retail payment systems, the researchers said.
Starting at US$7, criminal buyers can gain access to government servers in several countries, including interior and foreign ministries and commerce departments, said Costin Raiu, director of Kaspersky's research and analysis team.
The marketplace goes by the name xDedic. The owners take a 5 per cent fee on all money put into trading accounts, Mr Raiu said.
Targets include a US aerospace firm, banks in the United States, the Philippines, Kazakhstan, Jordan, Ghana, Cyprus, South Korea and Saudi Arabia, chemical firms in Singapore and Thailand and oil companies in China and the United Arab Emirates.
Mr Raiu said Kaspersky has notified national computer emergency response teams in several countries.