Tag Archives: Compromised

Cybercrime-friendly service offers access to tens of thousands of compromised accounts

Posted on by

By Dancho Danchev

Among the first things a cybercriminal will (automatically) do, once they gain access to a compromised host, is to retrieve account/credential data.

From compromised FTP credentials, CPanel accounts, portfolios of domains, to hacked PayPal and Steam accounts, cybercriminals are actively utilizing compromised infrastructure as a foundation for the success of their fraudulent or malicious campaigns, as well as for anonymization ‘stepping stones’ tactics in an attempt to forward the risk of getting tracked down through a series of network connections between malware infected hosts located across the globe.

In this post, I’ll highlight the existence of a cybercrime-friendly service that has been supplying virtually anyone who pays for access, with tens of thousands of compromised accounts.

More details: Continue reading

Recently launched E-shop sells access to hundreds of hacked PayPal accounts

Posted on by

By Dancho Danchev

Largely relying on sophisticated and legitimate-looking phishing campaigns, next to active data mining of a botnet’s infected population, today’s cybercriminals are in a perfect position to monetize these fraudulently obtained assets in the form of compromised accounts.

From compromised social networking accounts, to direct access to compromised servers and desktop PCs, the market segment has been steadily growing over the past couple of months.

In this post I’ll profile a newly launched cybercrime-friendly E-shop selling access to compromised accounts belonging primarily to PayPal users, but also, compromised accounts belonging to Apple, Walmart, Ebay and Skype users.

More details:

Continue reading

New E-shop selling stolen credit cards data spotted in the wild

Posted on by

By Dancho Danchev

What happens once a cybercriminal has managed to obtain access to your credit card data by either compromising an insecure database, or through crimeware dropped on an affected host? Would he purchase blank plastic and holograms and embed the stolen data in an attempt to cash out as much money as possible, or would he look for alternative “risk forwarding” tactics to earn revenue while preserving his security and anonymity in the process?

It depends on the cybercriminal in question. In this post, I’ll profile a recently launched E-shop offering complete access to stolen credit cards data  primarily belonging to U.S citizens.

More details:

Continue reading

New Russian service sells access to compromised social networking accounts

Posted on by

By Dancho Danchev

On daily basis, hundreds of thousands of legitimate accounts across multiple social networks get compromised, to be later on abused as a platform for launching related cyber attacks and social engineering attempts.

Recently, I came across a new Russian service offering access to compromised accounts across multiple social networks such as Vkontakte, Twitter, Facebook, LiveJournal, and last but not least, compromised email accounts. What’s particularly interesting about this service is the fact that it’s exclusively targeting Russian and Ukrainian users.

More details:

Continue reading