Authorities seized the domain names of the popular xDedic Marketplace that sold access to hacked servers worldwide as well as the personally identifiable information.
The platform buyers and sellers to send to trade with RDP login details and the cost varies between six to over ten thousand dollars.
Authorities believe the website facilitated more than $68,000,000 in fraud. the market place managed to sell more than 70,000 RDP login passwords to servers from 170 countries.
The market place was operated for years and the administrators maintain the server all over the world. It is a
The victim’s of this service comes all around the world and involved all kinds of industries including local, state, and federal government infrastructure, hospitals, emergency services, major metropolitan transit authorities, accounting and law firms, pension funds, and universities.
The international operation to dismantle and seize this infrastructure is the result of close cooperation with law enforcement authorities in Belgium and Ukraine, as well as the European law enforcement agency Europol.
The seizure orders were executed against the domain names of the xDedic Marketplace under the authority of 18 U.S.C 981(b)as a part of coordinated law enforcement action.
According to Flashpoint the threat actors behind xDedic launch large scale brute force attacks to collect as much information as possible before sorting its potential value attacks.