Home » Featured » xDedic is Back in Business on the Dark Web
Click Here To Hide Tor

xDedic is Back in Business on the Dark Web

xDedic, the underground market offering access to thousands of government, business, and university servers that have been hacked was exposed earlier this year, and has once again resurfaced, this time with a new onion address (xdedicvhnguh5s6k.onion.top)

The market, revealed in June 2016 Kaspersky Lab report, is in the business of selling access to around 70,000 compromised web servers from over 150 countries around the world. Shortly after the website was brought to light, owners and administrators shut it down.

xDedic

The cybersecurity firm based in the UK, Digital Shadows, has come forth to tell us how the market has resurfaced on Tor, but is now charging a $50.00 fee for entry into the markets. A report said that researchers found a post on a Russian language forum about how the market has resurfaced on June 24th. The post was made by someone of established history with the forum, and even included a link to the market.

“The new xDedic site was found to be identical in design to the previous site and although discussion in the thread indicated that accounts on the previous site had not been transferred to the new site, accounts could be freely registered,” Digital Shadow commented.

“However, following registration, accounts had to be credited with $50 in order to activate them. Searches indicated that the new xDedic domain had also been shared on a French language dark web criminal site, but the exception of Tor domain aggregation lists could not be located elsewhere. This development has likely corroborated this assessment,” Digital Shadow said further.

D.S. was unable to analyze traffic to the domain due to it being hosted on Tor. The firm commented, “It is assessed as a realistic possibility that at the time of writing, awareness that the site had returned was relatively low. However, as the previous site was attracting 30,000 users a month at the time it closed down, it is assessed as likely that awareness and use of the new site will increase in the immediate to midterm future.”

Kaspersky has not been silent though. In response to the news from D.S. Kaspersky commented back, “We are aware of reports of the return of xDedic and are monitoring the situation. We have a policy to share the findings of cybercriminal research with the relevant law enforcement agencies, and we have already done so in the case of xDedic.”

Kaspersky has said that in its initial findings, each purchase on xDedic came bundled with software that could be used to help launch DdoS attacks, orchestrate spam campaigns, and exploit P.O.S. retail systems.

“From government networks to corporations, from web servers to databases, xDedic provided a marketplace for buyers to find anything. The best thing about it, it’s cheap. Purchasing access to a server located in a European Union country government network can cost as little as $6. The one-time cost gives a malicious buyer access to launch further attacks. It is a hacker’s dream, simplifying access to victims, making it cheaper and faster, and opening up new possibilities for both cybercriminals and advanced threat actors,” Kaspersky said in a blog post.

8 comments

  1. Website seems suspicious, gave back this message:

    xdedicvhnguh5s6k.onion.top uses an invalid security certificate. The certificate is not trusted because it is self-signed. Error code: SEC_ERROR_UNKNOWN_ISSUER

    • @Concerned. You think it’s suspicious that an underground market uses a self-signed certificate? Your obvious lack of basic knowledge is more concerning, considering you are visting .onion.tops

  2. No Script JavaScript is disabled in your browser. Please enable it to view this site.

    why they want javascript? scam?

  3. Their RDP autoshop is awesome

    here is clearnet link

    {no refs, thanks}

  4. The feds just raided me and 9 of my friends 6 months ago for app so please be careful everyone

  5. Can’t register, keep getting this message…

    “Registration is by invitation only

    Your code is not the actual or wrong!”

  6. I have the same problem. how could I get a registration?

  7. any invitation available?

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Captcha: *