Russian-speaking cyber criminals are selling access, password and other details of about 3,488 compromised servers in India for as low as $6, a report by cyber-security firm Kaspersky said Thursday. “Kaspersky Lab researchers have investigated a global forum where cyber criminals can buy and sell access to compromised servers for as little as $6 each,” the report said. The hackers trading platform, xDedic marketplace, said to to be run by a Russian-speaking group and currently lists 70,624 hacked Remote Desktop Protocol (RDP) servers for sale, it added.
“India ranks fourth in hacked servers with 3,488 compromised servers listed on xDedic as of May 2016. Many of the servers host or provide access to popular consumer websites and services and some have software installed for direct mail, financial accounting and Point-of-Sale (PoS) processing,” the report said. The report said that the access by cyber criminals can be used to target the owners’ infrastructures or as a launch-pad for wider attacks, while the owners, including government entities, corporations and universities, with the entities left in the lurch.
A European Internet service provider (ISP) alerted Kaspersky Lab to the existence of xDedic and the companies worked together to investigate how the forum operates.
The hackers on xDedic are offering access to wide range of servers including that of government networks, corporations and universities, servers tagged for gaming, betting, dating, online shopping, online banking and payment, cell phone networks and browsers, it said.