Monday, March 17, 2025
Follow us On Linkedin
HomeComputer Security3000 Hacked Websites Access comes to Sale in Russian Underground Dark Web...

3000 Hacked Websites Access comes to Sale in Russian Underground Dark Web Marketplace

Computer SecurityDark WebData BreachSecurity Hacker

Published on

By Balaji
3000 Hacked Websites Access comes to Sale in Russian Underground Dark Web Marketplace

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

Cybercriminals listed 3000 Hacked websites access for sale in Russian based underground marketplace that sells for less than $50.

The underground marketplace is the best area for criminals where they can sell and buy various malicious software and stolen data for a very cheapest price.

This hacked website selling in Russian-speaking underground marketplace called MagBo where the advertisement calling the shop as “the best thing on the dark side.”

These websites belong to the breaches that launched against U.S., Russian, or German based hosting services.

Most Of the compromised sites are E-commerce and other sectors such as healthcare, legal, education, insurance, and government agencies.

This MagBo Dark web marketplace is specifically engaged for selling and buying things such as breached sites, databases, and administrator panels.

MagBo Marketplace 

MagBo has been listed as one of the top marketplaces in Russian-language hacking and malware forum and the cybercriminals offer a compromised website that was breached via following bypass methods.

  • PHP shell access
  • Hosting control access
  • Domain control access
  • File Transfer Protocol (FTP) access
  • Secure Socket Shell (SSH) access
  • Admin panel access
  • Database or Structured Query Language (SQL) access

Apart from this buyers can also find the privilege level of the listed sites for selling and its label as the following category.

  •  Full access permissions
  • Abilities to edit content
  • Add your content.

According to Flashpoint, In addition to access to breached websites, this particular market also sells stolen photocopies of national documents for identity fraud, breached payment wallet access, compromised social media accounts, and Bitcoin mixer or tumbler services.

Hacked Websites Usage

These compromised websites are used for various malicious purposes including spreading malware, spam campaign,  cryptocurrency mining and gaining the access to the corporate networks.

Also, it allows accessing the sensitive internal document, finding the vulnerabilities to exploit the internal networks and other criminals activities.

Researchers believe that This is an uneasy trend that may have manifested itself already in a few high-profile publicly disclosed incidents.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

CVE/vulnerability

Kentico Xperience CMS Vulnerability Enables Remote Code Execution

In recent security research, vulnerabilities in the Kentico Xperience CMS have come to light,...
CVE/vulnerability

Wazuh SIEM Vulnerability Enables Remote Malicious Code Execution

A critical vulnerability, identified as CVE-2025-24016, has been discovered in the Wazuh Security Information...
CVE/vulnerability

Espressif Systems Flaws Allow Hackers to Execute Arbitrary Code

A series of vulnerabilities has been discovered in Espressif Systems' ESP32 devices, specifically affecting...
AI

AI Operator Agents Helping Hackers Generate Malicious Code

Symantec's Threat Hunter Team has demonstrated how AI agents like OpenAI's Operator can now...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

Register Now

More like this

Cyber Security News

Jaguar Land Rover Hit by HELLCAT Ransomware Using Stolen Jira Credentials

The HELLCAT ransomware group has claimed responsibility for a significant data breach at Jaguar...
Amazon AWS

86,000+ Healthcare Staff Records Exposed Due to AWS S3 Misconfiguration

A non-password-protected database belonging to ESHYFT, a New Jersey-based HealthTech company, was recently discovered...
Cyber Security News

Telecom Giant NTT Confirms Data Breach Affecting 18,000 Corporate Customers

Japanese telecom giant NTT Communications (NTT Com) has confirmed a data breach that compromised...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2024 GBHackers On Security - All Rights Reserved