Authorities shut down xDedic marketplace for hacked servers

Authorities in the US and Belgium announced Monday (Jan.28th) they have shut down the domains and servers of xDedic, a notorious marketplace for cybercriminals to buy and sell access to compromised servers, according to a recent press release.

Many of the hacked servers offered on xDedic give cybercriminals access to sensitive data such as credit card numbers, computer credentials, confidential email correspondence or other valuable information.

Authorities in Tampa, Florida, estimate the marketplace brought in more than $68m (£51m) in fraud by obtaining and exploiting personal information from a number of different people.

“The victims span the globe and all industries, including local, state, and federal government infrastructure, hospitals, 911, and emergency services, call centres, major metropolitan transit authorities, accounting, and law firms, pension funds, and universities,” said the US Attorney’s office for the Middle District of Florida.

Joint investigation

The FBI and IRS, along with other authorities from several European countries, worked together to seize the domains and servers of xDedic infrastructure.

US agents worked with authorities from Belgium, Ukraine, Europol, and other investigators to conduct house searches in nine locations in Ukraine last Thursday, according to the federal prosecutor’s office in Belgium.

“Several IT systems were confiscated and three Ukrainian suspects were questioned,” the office said in a statement. “The house searches are related to two criminal investigations into the illegal online marketplace called xDedic.”

In 2016, authorities in Belgium launched an investigation into xDedic after the site was used to sell access to machines from several different organisations in the country.

It wasn’t until the beginning of 2018, were Belgium, Ukraine, Eurojust, and Europol signed a Joint Investigative Team (JIT) to carry out investigations related to the site.

Meanwhile, authorities in the US were also conducting their own investigation, and last year joined forces with European investigators.

According to a press release by Eurojust, the European Union’s judicial cooperation unit, investigators were able to view previously concealed sever information that helped them identify administrators in Ukraine.

“Devastating blow against the online marketplace”

“Through their coordinated efforts, Belgian, Ukrainian and American judicial, prosecutorial and police authorities struck a devastating blow against the online marketplace for the illegal trade of hacked computer systems,” the statement read.

“An important signal was also sent to the perpetrators of other online criminal activities, including on the dark web, that they are not immune from criminal investigation and prosecution.”

Commenting on the shut down of the xDedic marketplace, Ilia Kolochenko, the CEO of web security High-Tech Bridge said: “Unfortunately, this is just a drop in the ocean of stolen data market. Other similar markets and platforms of different sizes exist, including more discreet ones where one can buy virtually anything including access to breached law enforcement systems and stolen data. Worse, cybercriminals will certainly learn a lesson and move their data and servers to other jurisdictions immune to justice.

“We should treat the root cause of skyrocketing cybercrime – growing economic inequality and global poverty. Otherwise, while we dig up standalone trees, a dark forest will grow behind. Hopefully, the seized data will shed some light on previously unknown data breaches and help to investigate them.”

Related Posts