Authorities Shut Down xDedic Marketplace For Buying Hacked Servers (zdnet.com) 16
The FBI, together with authorities from several European countries, have seized the domains and servers of xDedic, a notorious online marketplace where cyber-criminals would sell and buy access to hacked servers. From a report: The site has been around since 2014, but it became widely known after a Kaspersky report published in June 2016. According to the report, the site was operating as a registration-based online marketplace where several criminal groups would either put up for sale or buy hacked servers, usually in the form of compromised RDP (Remote Desktop Protocol) accounts. At the time, Kaspersky said the site listed nearly 70,000 hacked servers, for prices as little as $8 per server. [...] In Europol and FBI press releases published today, authorities announced that they've seized both the domains and the servers hosting the marketplace, effectively shutting down the site and gaining access to its list of customers.
RDP? (Score:2)
They sell RDP access to servers? Servers?
I presume Windows has a way better marketshare in the server space than previously thought, or just simply even worse security and patching than previously thought?
Is there any reason that ssh is a bad thing or are the customers there all script kiddies who are lost without a mouse and some button to click?
Re: RDP? (Score:1)
Usually the servers are hacked through the applications they host, although RDP bruteforce also happens.
Re: (Score:2)
Re: (Score:2)
It isn't that windows have better market shares, it is just that they are the ones that get hacked the easiest.
buying servers vs buying access (Score:1)
buying SERVERS is one thing, but buying ACCESS to servers is another - the headline is very, very misleading - the headline makes it seem like people are able to buy the servers in that bloomberg article a while back
And this will accomplish...absolutely nothing (Score:2)
Or rather it will make the situation worse, as the next marketplace to replace this one will just have better security. The way to fight this is improving server security, nothing else will help.