By Dancho Danchev
Increasingly populated by novice cybercriminals thanks to the rise of cybercrime-as-a-service underground market propositions, the cybercrime ecosystem is also a home to a huge variety of underground market players.
This overall availability of managed cybercrime services results in an increasing number of underground market propositions by novice cybercriminals looking for alternative ways to monetize the fraudulently obtained goods. Although their service cannot be compared to the services offered by sophisticated cybercriminals, this niche market segment is becoming increasing common these days.
In this post, I’ll profile yet another recently advertised boutique cybercrime-friendly E-shop, run by novice cybercriminals, offering access to hacked servers.
Screenshots of the boutique cybercrime-friendly E-shop offering access to hacked servers:
The E-shop allows potential customers the ability to choose the (stolen) account type in order for the interface to display detailed info of the hacked server, the type of account, the country of origin, next to the price. The Liberty Reserve accepting cybercrime friendly E-shop is currently selling access to hacked servers for prices varying between $6 and $13 per hacked server.
The novice cybercriminal behind this shop, would have obtained the stolen goods in numerous ways. For instance, he could be managing a small botnet that could be data mining the malware-infected hosts for login credentials. Moreover, he could be easily purchasing access to these hacked servers for a cheaper price, and attempting to achieve a positive ROI (return on investment) by reselling them at a higher price. Next to these two alternatives, he could be also systematically attempting to exploit outdated and already patched remotely executable vulnerabilities in order to gain root/administrator access to these hosts.
Webroot will continue monitoring the shop’s latest propositions and future development.