The defunct xDedic marketplace has resurfaced on a Tor domain.
However, this time round, there is a USD 50 enrollment fee.
Their original domain had disappeared last month after a Kaspersky security report was published.
The report claimed that xDedic facilitated the sale of compromised RDP servers.
A Kaspersky Lab report published on 16 June claimed that xDedic provided a sale platform for about 70,000 hacked servers.
The Russian-speaking group behind the xDedic site allegedly was selling the servers for as little as $6 a piece, according to report.
xDedic disappeared a short while after this report was published.
Recently, Digital Shadows researchers reported that a post on 24 June to a Russian forum, exploit[.]in had included a link to the .onion website that was now hosting xDedic.
Observers and experts said that the design of the resurfaced darknet site was identical to the older one.
However, thread discussions pointed out to the fact that the previous accounts had not yet been transferred to the new one.
The site welcomed new registrations. However, the new accounts would have to be credited with $50 for further activation, reports claimed.
He added that the website was up now with added operational security.
He also added that they have to function with caution as they were not in a position to advertise but are using a link to point others to their site.
Nevertheless, they have to promote their services without revealing their identity.
At this point in time, they are relying on word of mouth publicity.
Researchers at the Kaspersky Lab collaborated with a European ISP and found out that xDedic launched in the year 2014.
They ended up advertising the hacked servers for sale in over 173 countries over a period of time.
The buyers were allowed to check out the hacked servers available for sale in terms of system specifications of the servers, availability of admin privileges, download and upload speeds, antivirus information, location and price of the server, browsers running on the machine, etc.
xDedic acted as a middleman in facilitating the sale of the hacked server.
xDedic took a commission from the total amount that was involved in the deal.
Concerning the resurgence of xDedic, Kaspersky researchers said that they were aware of the reappearance of the site and were in touch with the law enforcement agencies about the matter. They had a commitment to do so, they said.
With about 416 vendors that were doing business through xDedix, it was small wonder that the website would reappear again, John Chappell said.
However, it is not known whether the same numbers of hacked servers are available for sale now.
Chappell said that there would definitely be a certain number of servers that remain to be sold.
During the first round, the hacked servers spanned different industries such as gambling and dating sites, banking, online shopping sites, advertisement networks, etc.
Buyers also searched for the following items: mass emailing software for the purpose of spamming, tax preparation and accounting software, POS installations, and others.
These venues are known to provide countless ways in which people can be cheated.
The service provided by xDedic was valuable to the fraudsters in that trading via this website saved them a lot of money in learning how to hack into servers or learn to exploit the vulnerabilities of software packages such as Flash or WordPress.
All of these were readily available on the xDedic site.
Latest posts by Richard (see all)
- Wide Range of Job Ads Available on the Dark Web - November 5, 2018
- Continuous Exploit of RDP Pushes FBI to Issue Warning to Potential Targets - October 29, 2018
- Ross Ulbricht’s Fifth Year in Jail - October 10, 2018