New underground service offers access to hundreds of hacked PCs

by


Want to buy anonymous access to hacked PCs, spam-free SMTP servers (Simple Mail Transfer Protocol), or compromised bank accounts?

A newly launched underground Web service, is currently offering access to hundreds of hacked PCs, SMTP servers, and hacked bank accounts.

Let’s take a deeper look:

The service is advertised as all-in-one shop for “Shells / Rdp / Smtp / Leads / roots” accounts on multiple cybercrime-friendly Web forums.

The price for a compromised Windows PC is static compared to previously profiled shops offering access to compromised PCs, and is $8 per PC. Next to compromised PCs, the boutique Web shop is also selling 80,000 harvested Excite.com emails, and numerous compromised bank accounts. The price for a bank account with a balance of $6000 is, $135.

Screenshots of the service:

Screenshots of the compromised bank accounts offered as proof:

How is it possible that they’re selling access to a bank account that has as balance of $6000 for just $135?

The process is called risk-forwarding, similar to that of recruiting money mules for processing of the fraudulent funds. Basically, the cybercriminals behind the operation are incapable of obtaining the full amount of money available in the bank account, and are only interested in charging a static, market-independent amount of money for it.

In comparison, sophisticated vendors interested in repeated purchases, and long-term relationships within the  cybercrime ecosystem, will usually accept bulk orders and offer suitable discounts for purchasing hundreds of thousands of compromised hosts.

Webroot’s security researchers will continue monitoring the development of the service, and post updates to this post, as soon as a new threat vector emerges.

Meanwhile, customers are advised to check their bank statements regularly for possible fraudulent purchases, and to take advantage of mobile notification services alerting them every time money goes in and goes out of their bank accounts.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.


0 comments

Trackbacks

  1. [...] Raúl Batista – Segu-Info Autor: Dancho Danchev Fuente: Webroot Blog Leer más: Segu-Info: Nuevo servicio clandestino ofrece acceso a cientos de PCs comprometidas [...]

  2. [...] services such as managed spam, harvested email databases, boutique cybercrime-friendly services, services offering access to hacked PCs, managed malware crypting on demand, and managed email hacking as as service, the cybercrime [...]

  3. [...] popular providers of free Web based email, development of DIY image spam generating platforms, conversion of malware-infected hosts into spam spewing zombies, and most importantly, efficient ways to bypass anti-spam filters put in [...]

  4. [...] into consideration the static prices for the stolen credit cards. Just like in a previous case of a vendor of compromised accounts selling a stolen credit card with a balance of $6,000 for $135, in this case we also have static [...]

  5. [...] compromised social networking accounts, to direct access to compromised servers and desktop PCs, the market segment has been steadily growing over the past couple of [...]

  6. [...] New underground service offers access to hundreds of hacked PCs – Although these services have been available to cybercriminals for years, in 2012 we once again witnessed an increased growth in their overall availability. Seeking more customers, where the trade off is undermined OPSEC (Operational Security), services that were once exclusively available at invite-only cybercrime-friendly communities, started getting advertised at publicly accessible forums. We expect this trend to continue throughout 2013, with the cybercriminals operating these services proving, that, they can remain anonymous and continue offering them on the public Web. [...]

  7. [...] in the same way as another cybercriminal whose operations we profiled in 2012. Back then, he was selling access to a compromised bank account with a balance of $6,000 for $165. What we’ve got here is a decent example of how these [...]