A peek inside a boutique cybercrime-friendly E-shop – part two

by


Increasingly populated by novice cybercriminals thanks to the rise of cybercrime-as-a-service underground market propositions, the cybercrime ecosystem is also a home to a huge variety of underground market players.

This overall availability of managed cybercrime services results in an increasing number of underground market propositions by novice cybercriminals looking for alternative ways to monetize the fraudulently obtained goods. Although their service cannot be compared to the services offered by sophisticated cybercriminals, this niche market segment is becoming increasing common these days.

In this post, I’ll profile yet another recently advertised boutique cybercrime-friendly E-shop, run by novice cybercriminals, offering access to hacked servers.

More details:

Screenshots of the boutique cybercrime-friendly E-shop offering access to hacked servers:

The E-shop allows potential customers the ability to choose the (stolen) account type in order for the interface to display detailed info of the hacked server, the type of account, the country of origin, next to the price. The Liberty Reserve accepting cybercrime friendly E-shop is currently selling access to hacked servers for prices varying between $6 and $13 per hacked server.

The novice cybercriminal behind this shop, would have obtained the stolen goods in numerous ways. For instance, he could be managing a small botnet that could be data mining  the malware-infected hosts for login credentials. Moreover, he could be easily purchasing access to these hacked servers for a cheaper price, and attempting to achieve a positive ROI (return on investment) by reselling them at a higher price. Next to these two alternatives, he could be also systematically attempting to exploit outdated and already patched remotely executable vulnerabilities in order to gain root/administrator access to these hosts.

Webroot will continue monitoring the shop’s latest propositions and future development.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.


Trackbacks

  1. [...] to commodity underground goods and services such as managed spam, harvested email databases, boutique cybercrime-friendly services, services offering access to hacked PCs, managed malware crypting on demand, and managed email [...]

  2. [...] been witnessing an increase in underground market propositions advertised by what appears to be novice cybercriminals. The trend, largely driven by the increasing supply of cybercrime-as-a-service underground market [...]

  3. [...] the past couple of months, I’ve been periodically profiling the monetization tactics applied by novice cybercriminals, a market segment of less technically sophisticated individuals [...]

  4. [...] schemes, and just how prevalent their boutique E-shops really are. Consider also going through Part Two, Part Three, Part Four and Part Five of the [...]