Find a Question:
Forum offers paid access to more than a thousand hacked servers in Benelux
Security researchers from Kaspersky Lab have investigated a forum that serves as the hub for access to compromised servers. In May could be accessed through xDedic to more than 70,000 servers, including 1155 in the Benelux.
It involves hacked Remote Desktop Protocol servers, many of which host popular consumer websites and services, according to Secure List. Attackers can get through xDedic access to the hacked servers at prices starting around five euros and use it to launch attacks.
The management of the RDP servers are often acquired through brute force. At the forum can select customers rdp configuration, memory, existing software and more. In May, as the researchers access to 70 624 servers for sale in 173 countries. These included 736 Dutch servers and 419 servers in Belgium. According to the survey among the servers in many cases to reputable organizations, including government agencies and universities, and would which are often not aware of the abuse of their equipment.
The forum has been active for several years, but the activity and the number offered in recent months, hacked servers increased considerably. According to the researchers, there is a Russian-language group behind xDedic; the hacked servers are however offered by individuals. At the time of the study would go to 416 different vendors. The xDedic team also has its own rdp client, which should make it easier for customers to log into the hacked servers.
Kaspersky Lab was alerted by an ISP to the existence of the Forum and claims to work in cooperation with authorities for additional research. A comprehensive analysis of the xDedic Marketplace is published in a PDF.
Answer this Question
You must be Logged In to post an Answer.
Not a member yet? Sign Up Now »
Star Points Scale
Earn points for Asking and Answering Questions!