April 5, 2012Dancho Danchev By Dancho Danchev

New underground service offers access to hundreds of hacked PCs

Want to buy anonymous access to hacked PCs, spam-free SMTP servers (Simple Mail Transfer Protocol), or compromised bank accounts?

A newly launched underground Web service, is currently offering access to hundreds of hacked PCs, SMTP servers, and hacked bank accounts.

Let’s take a deeper look:

The service is advertised as all-in-one shop for “Shells / Rdp / Smtp / Leads / roots” accounts on multiple cybercrime-friendly Web forums.

The price for a compromised Windows PC is static compared to previously profiled shops offering access to compromised PCs, and is $8 per PC. Next to compromised PCs, the boutique Web shop is also selling 80,000 harvested Excite.com emails, and numerous compromised bank accounts. The price for a bank account with a balance of $6000 is, $135.

Screenshots of the service:

Screenshots of the compromised bank accounts offered as proof:

How is it possible that they’re selling access to a bank account that has as balance of $6000 for just $135?

The process is called risk-forwarding, similar to that of recruiting money mules for processing of the fraudulent funds. Basically, the cybercriminals behind the operation are incapable of obtaining the full amount of money available in the bank account, and are only interested in charging a static, market-independent amount of money for it.

In comparison, sophisticated vendors interested in repeated purchases, and long-term relationships within the  cybercrime ecosystem, will usually accept bulk orders and offer suitable discounts for purchasing hundreds of thousands of compromised hosts.

Webroot’s security researchers will continue monitoring the development of the service, and post updates to this post, as soon as a new threat vector emerges.

Meanwhile, customers are advised to check their bank statements regularly for possible fraudulent purchases, and to take advantage of mobile notification services alerting them every time money goes in and goes out of their bank accounts.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Share Button

9 Responses to New underground service offers access to hundreds of hacked PCs

  1. Excellent commentary. Last week I was tipped off about this site and wanted to let you know that I have been gratified, going through your writings. I will be signing up to your blogs feed and will wait for your next post.

  2. Pingback: Nuevo servicio clandestino ofrece acceso a cientos de PCs comprometidas | Informática Legal - Asesores en Derecho Informático, de Internet y los Emprendimientos Web

  3. Pingback: Cybercriminals infiltrate the music industry by offering full newly released albums for just $1 « Webroot Threat Blog

  4. Pingback: Russian Ask.fm spamming tool spotted in the wild « Webroot Threat Blog

  5. Pingback: New E-shop selling stolen credit cards data spotted in the wild « Webroot Threat Blog – Internet Security Threat Updates from Around the World

  6. Pingback: Recently launched E-shop sells access to hundreds of hacked PayPal accounts « Webroot Threat Blog – Internet Security Threat Updates from Around the World

  7. An impressive share! I’ve just forwarded this onto a friend who has been conducting a little homework on this. And he actually bought me breakfast due to the fact that I found it for him… lol. So let me reword this…. Thanks for the meal!! But yeah, thanx for spending some time to discuss this issue here on your internet site.

  8. Pingback: Webroot’s Threat Blog Most Popular Posts for 2012 « Webroot Threat Blog – Internet Security Threat Updates from Around the World

  9. Pingback: New underground E-shop offers access to hundreds of hacked PayPal accounts | Webroot Threat Blog - Internet Security Threat Updates from Around the World

Leave a Reply

Your email address will not be published. Required fields are marked *

true