Cybercrooks are pimping out pwned RDP servers
Russian miscreants are behind the xDedic marketplace
Cybercriminals are buying and selling access to compromised servers for as little as $6 each.
The xDedic marketplace, which appears to be run by a Russian-speaking group, lists 70,624 hacked Remote Desktop Protocol (RDP) servers for sale.
Kaspersky Lab researchers warn that crooks can abuse the compromised systems to hack into associated corporate networks or as a launch-pad for wider attacks.
Systems being pimped out by crooks include servers in government entities, corporations and universities – almost all of which will be blissfully unaware that anything is amiss. Many of the servers host or provide access to popular consumer websites and services, and some even have software installed for direct mail, financial accounting and Point-of-Sale (PoS) processing.
Last month 416 unique sellers listed servers 173 countries as up for sale.
Everyone, from entry-level cybercriminals to APT groups, is a potential customer of the newly-discovered cybercriminal marketplace, which appears to have begun its illicit operations two years ago. ®