Have you been the unfortunate victim of a security breach? Do you fear the possibility of your company’s servers being compromised and controlled by an unknown malicious hacker? Worse, it could be sold on an online marketplace for cybercriminals. A new free tool from our cybersecurity engineers at LIFARS helps you check to determine if your data is being sold online on the widely-used and infamous cybercriminal marketplace, xDedic.
First revealed by security firm Kaspersky, xDedic, a flourishing underground marketplace was exposed to the world, one which sold compromised and stolen servers from all over the world. Sellers’ wares included web servers and databases from the likes of government networks and corporations alike.
A buyer gained access to all the data on a stolen server and use it to launch cyberattacks in the guise of the server’s owner. One server belonging to the government of a European Union nation was sold for as little as $6!
With a comprehensive sweep, Kaspersky totaled 70,624 servers put up for sale, from 416 different sellers. These servers were compromised across 173 countries. Suffice to say, the staggering reveal of the underground marketplace quickly led to a disappearing act from the internet by the website, as a whole.
Within a month, however, the xDedic marketplace was back online, this time on a Tor network domain along with a $50 enrollment fee. It’s clear that behind xDedic have increased their operational security, opting to function on the Tor network. Cybercriminals will find the new fee a small price to pay to gain membership into the world’s largest-known stolen server marketplace.
If you have any cause for concern that your server may be compromised, we recommend using our free tool right here