The Exodus Market, a haven for exiled criminals, has grown to become a significant player in the black market economy.
The user “ExodusMarket” originally announced Exodus Market for Logs on the Cracked forum on February 10, 2024, after it was formally launched at the end of January 2024.
Twice, in March 2024 and July 16, 2024, the logs platform’s original domain was modified.
The Exodus Market is a simple website with a few features that are already available on other log markets. The TA charges between $3 and $10 for each bot, and it claims to have over 7,000 bots in 192 countries.
The network accepts Bitcoin, Monero, and Litecoin as payment methods. Users are required to deposit their cryptocurrency in the deposit box on the platform.
The threat actor advertised the new domain on July 23. The threat actor provided free enrollment to new users with a referral code in an attempt to draw in new customers.
Cyble Research & Intelligence Labs (CRIL) claims that ExodusMarket activity on Cracked identifies the potential founder of the website.
This person has been active on the forum since 2020 under the username “Kira3301” and is a well-known website developer.
The platform’s bots tab provides preview data, including the first two parts of the IP address, prices, country, OS systems, date of addition, and resources consumed by the bot.
The platform also has a wiki tab, which is supposed to have general information but is currently unfinished, and a ticketing facility for client complaints.
The market can formally communicate with its clients through a Telegram channel. On the other hand, the low quantity of views and subscribers indicates a smaller pool of potential clients.
“The TA previously offered installers for InfoStealers and RATs for $150 and mentoring sessions for the use of InfoStealers”, reads the report.
Hence, Operation Endgame and other law enforcement initiatives that have disrupted multiple infrastructures of ransomware groups like Lockbit and ALPHV and dismantled up Bumblebee, IcedID, Pikabot, SystemBC, SmokeLoader, and Trickbot botnets have proven to be highly effective obstacles for these criminal ecosystem.
Reports have emerged of a potential data breach involving EazyDiner, a leading restaurant reservation platform.…
A critical vulnerability has been discovered in Salesforce applications that could potentially allow a full…
A significant vulnerability has been identified in TP-Link's HomeShield function, affecting a range of their…
APT36, a Pakistani cyber-espionage group, has recently upgraded its arsenal with ElizaRAT, a sophisticated Windows…
A Russian court has sentenced Stanislav Moiseyev, believed to be the founder of the notorious…
With Sweet, customers can now unify detection and response for applications, workloads, and cloud infrastructure …