August 2, 2013 By Dancho Danchev

New ‘Hacked shells as a service’ empowers cybercriminals with access to high page rank-ed Web sites

Whether it’s abusing the ‘Long Tail’ of the Web by systematically and efficiently exploiting tens of thousands of legitimate Web sites, or the quest to compromise few, but high-trafficked, high page rank empowered Web sites, compromised shell accounts are an inseparable part of the cybercrime ecosystem.

Aiming to fill in a niche in the market segment for compromised/hacked shells, a newly launched service is offering a self-service type of underground market proposition, whose inventory is currently listing over 6000 compromised/hacked shells internationally.

More details:

Sample screenshots of the ‘inventory’ of the service:

Hacked_Compromised_Web_Shells_Buy_Sell_Purchase_Service_DIY Hacked_Compromised_Web_Shells_Buy_Sell_Purchase_Service_DIY_01

Potential customers are allowed to search by a specific TLD, as well as the option to filter the search results based on the price, page rank, ‘age’ of the domain, Alexa ranking, language, and number of pages indexed by Google.

Throughout the last couple of years, multi-tasking cybercriminals started abusing access to these compromised sites in multiple fraudulent/purely malicious ways. From blackhat SEO (search engine optimization), to the direct hosting of malware and phishing pages on the compromised sites, the vibrant underground market segment for compromised shells continues to facilitate the (commercial) exchange of access to compromised Web sites. Due to the overall availability of DIY botnet generating tools, we expect that this market segment will continue flourishing, with cybercriminals finding more ‘creative’ and customer-oriented ‘solutions’ to automate the buying/selling process.

Consider going through the following posts if you’re interested in knowing more about the monetization techniques observed over the last couple of years, in terms of compromised shells as means for abusing access to a particular Web site:

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on Twitter.

Share Button
1 comments

Trackbacks

  1. […] магазинах русских хакеров продавался доступ к десяткам тысяч сайтов, среди которых нашлось […]

true