Kaspersky Lab released a report on June 15 on the “XDedic” marketplace. According to the report,
“xDedic” is a trading platform where cybercriminals can purchase any of over 70,000 hacked servers from all around the internet. It appears to be run by a Russian-speaking group of hackers.
The report includes screenshots of the XDedic user dashboard, which includes information about price to obtain access to the server, the server’s location and speed, and other details.
Kaspersky’s investigation suggests that the servers are first accessed through password brute-force attacks, after which a malware (Trojan) client is installed that makes the server available on the XDedic network. Another program is also installed that uses the compromised server to mine bitcoins. Access to some of the servers available on this marketplace can be gained for as little as $8.
This report underscores both the technological and commercial sophistication of the cybercrime underworld.