Dedicated servers have always been a great tool for hackers to execute countless nefarious activities. What is rather disconcerting is how underground markets often specialize in selling access to such hacked servers. The xDedic marketplace is home to quite a few of these offerings, most of which are hacked servers belonging to schools and universities.
xDedic Marketplace Has Plenty of Server Listings
Peddling illegal goods and services on the darknet has become increasingly easy over time. As a result, there is far more nefarious activity going on on these underground forums compared to anywhere else on the Internet. Several darknet marketplaces have seen their share of success over the past few years, including xDedic. This particular marketplace specializes in selling access to servers and computers, all of which are hacked remotely.
While that in itself is a troublesome development already, things are getting a lot worse as of late. New research indicates the majority of sales related to server access on xDedic come in the form of servers belonging to schools and universities. Additionally, hackers also penetrated quite a few healthcare and legal firm’s servers, all of which are peddled on the marketplace as well.
The xDedic marketplace is operated by a group of criminals and hackers who execute brute-force attacks against servers using the Remote Desktop Protocol. In nearly every case, the server listed on the darknet marketplace will be running a version of the Windows operating system, although there are some Linux offerings as well. At the time of the research, access to roughly 85,000 servers and computers was up for sale.
Accessing the xDedic marketplace is not free, as interested parties need to pay a US$50 entrance fee. However, once they gain access to the marketplace, it becomes possible to browse compromised servers with relative ease. In fact, most servers can be accessed for under US$15, which is quite a cheap price. Once criminal gains access to such a server, they can steal data, install ransomware, or conduct surveillance of all activities.
Some people may wonder why researchers can’t stop the xDedic gang, especially when considering how famous they have gotten. The team uses a set of proprietary tools which are continuously updated to avoid detection. Moreover, the group continues to hone their brute-forcing technique at every possible turn. The group is also targeting services all over the world, including in the US, Germany, and Ukraine.
It is not surprising to learn the xDedic crew is mainly targeting servers belonging to educational institutions. Schools and universities often have the least mature security departments and are unable to detect or mitigate such attacks. Plus, their servers often have the RDP protocol enabled as students want to access course material from home. Unfortunately, that makes the servers a prime target for the xDedic group as well.
If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.