Saturday, February 22, 2025
HomeCyber Security NewsHackers Sell Compromised Emails and Google Ads Accounts on Dark Web

Hackers Sell Compromised Emails and Google Ads Accounts on Dark Web

Published on

SIEM as a Service

Follow Us on Google News

A new wave of cybercrime is surfacing as hackers exploit compromised emails and digital advertising platforms to create a thriving underground economy.

This illegal marketplace, primarily hosted on the dark web, trades in aged and pre-verified accounts, offering tech-savvy criminals tools to bypass security mechanisms and perpetrate malicious activity.

The Illicit Trade of Verified Accounts

Following a detailed investigation, researchers uncovered over 100 newly registered domains in December 2024, predominantly marketing pre-verified and aged accounts for platforms such as Google Ads, email providers, and social media networks.

These accounts, often obtained via phishing scams, hacking, or other nefarious means, are highly sought after for their ability to evade account verification processes and utilize the inherent trust associated with aged profiles.

While some purchasers seek these accounts for benign uses, such as targeting specific regions or enhancing social media marketing, many turn them into tools of fraud, spam, and disinformation dissemination.

These activities underline the new challenges posed by these underground marketplaces in an increasingly interconnected digital world.

Notable Domains in the Illicit Ecosystem

Several domains have been identified as key players in this ecosystem, offering everything from cloud service accounts to social media pages.

These websites claim to provide “pre-verified” and “aged” accounts to buyers, with promises of complete control over the purchased accounts.

Premium and aged social media acc
Premium and aged social media acc

Cloud and Advertising Accounts for Sale

  1. Topcloudacc[.]com
    • Offers accounts for platforms like AWS, Google Ads, and Oracle Cloud.
    • Website Title: “Buy AWS Account | Best 32-vCPU & Credit Account – 2025″
  2. Acctrusted[.]com
    • Claims to specialize in cloud services, including AWS, Azure, and DigitalOcean accounts.
    • Website Title: “Buy AWS Accounts | Best Vcpu & Credit Account For Sale 2024″
  3. Buybhwaccounts[.]xyz
    • Markets ads accounts and cloud accounts alongside BHW profiles.
    • Website Title: “Buy BHW Accounts – BHW Accounts For Sale – buybhwaccounts[.]xyz”

Social Media and Email Accounts

  1. Regularpva[.]com
    • Sells social media and dating accounts, including Facebook, Instagram, Gmail, and Yahoo.
    • Website Title: “Buy Social Media Accounts – Social Media Pages for Sale – SecurePVA”
  2. Discordarena[.]com
    • Redirects from other domains and sells “premium aged Discord accounts.”
  3. Redditaccsbuy[.]com
    • Specializes in aged and verified Reddit accounts with built-up karma.
    • Website Title: “Reddit Accounts with Karma for Sale”

The investigation reveals a troubling development in the sale of aged Google Ads accounts. Research shows that 128 nearly identical websites, created in December 2024, operate as interconnected networks to sell these accounts.

google Ads
google Ads

Using private blog networks (PBNs) to manipulate search engine rankings, these sites aim to direct maximum traffic to their illicit marketplaces.

Aged Google Ads accounts are particularly valuable to buyers trying to bypass Google’s robust review mechanisms.

Aged Google Ads accounts
Aged Google Ads accounts

These accounts, perceived as less likely to be flagged for suspicious activity, are often used for unauthorized advertising campaigns or black-hat marketing tactics.

The sale of pre-verified and aged accounts poses a significant cybersecurity threat. These accounts fuel criminal enterprises, from financial fraud to the spread of disinformation, and create complexities for digital platforms striving to ensure user security.

As the underground market for these accounts grows, cybersecurity experts and tech companies face mounting pressure to address this evolving threat.

Enhanced security protocols, detection of account irregularities, and proactive measures against phishing scams may hold the key to combating this alarming trend in cybercrime.

Collect Threat Intelligence with TI Lookup to improve your company’s security - Get 50 Free Request

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

SPAWNCHIMERA Malware Exploits Ivanti Buffer Overflow Vulnerability by Applying a Critical Fix

In a recent development, the SPAWNCHIMERA malware family has been identified exploiting the buffer...

Sitevision Auto-Generated Password Vulnerability Lets Hackers Steal Signing Key

A significant vulnerability in Sitevision CMS, versions 10.3.1 and earlier, has been identified, allowing...

NSA Allegedly Hacked Northwestern Polytechnical University, China Claims

Chinese cybersecurity entities have accused the U.S. National Security Agency (NSA) of orchestrating a...

ACRStealer Malware Abuses Google Docs as C2 to Steal Login Credentials

The ACRStealer malware, an infostealer disguised as illegal software such as cracks and keygens,...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

SPAWNCHIMERA Malware Exploits Ivanti Buffer Overflow Vulnerability by Applying a Critical Fix

In a recent development, the SPAWNCHIMERA malware family has been identified exploiting the buffer...

Sitevision Auto-Generated Password Vulnerability Lets Hackers Steal Signing Key

A significant vulnerability in Sitevision CMS, versions 10.3.1 and earlier, has been identified, allowing...

NSA Allegedly Hacked Northwestern Polytechnical University, China Claims

Chinese cybersecurity entities have accused the U.S. National Security Agency (NSA) of orchestrating a...