A new type of underground market has emerged. Cyber criminals now have a transaction platform where they have the freedom of purchasing hacked servers worldwide. This particular trading platform is known as “xDedic” and has over 70,000 hacked servers on sale from all around the world.
The forum provides members with tools to patch RDP (Remote Desktop Protocol) servers to support multiple user logins, as well as other hacking tools, such as proxy installers and sysinfo collectors. The main goal of the xDedic forum is to facilitate the buying and selling of credentials for hacked servers which are available through RDP.
Interested buyers have the possibility to scan a list of available servers and each entry provides specific details on system information, whether admin privileges are available, antivirus running on the machine, browsers, uptime information, download and upload speeds, and the price and location.
Hacked servers affect websites and common software such as:
- Online Gambling and Betting
- Online Shops and Trading
- Banks and Payment Systems
- Dating Websites
- Ad Networks
- ISP/Cell phone operators
- E-Mail providers
- Browsers and IM and so on.
The possibilities for theft and fraud are endless via this forum.
Bought access can be temporary as well, as the administrators could change the buyer’s credentials over an acquired server or wipe the server or even take the server offline and the customer would lose any access.
We strongly advice users not to register to the xDedic marketplace, as any activity in the marketplace might be dangerous or even illegal.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street