A joint operation conducted by law enforcement agencies in the United States and Europe allowed seizing the xDedic marketplace.
Law enforcement agencies in the US and Europe announced the seizure of the popular xDedic marketplace, an underground market offering for sale access to compromised systems and personally identifiable information.
“On 24 January, the U.S. Prosecutor’s Office for the Middle District of Florida, the FBI and the Internal Revenue Service (IRS) of Tampa (Florida), the Federal Computer Crime Unit (FCCU), the Federal Prosecutor’s Office and the Investigating Judge of Belgium, as well as the Ukrainian National Cyber Police and Prosecutor General’s office of Ukraine, with the support of the Bundeskriminalamt of Germany and Europol seized the xDedic Marketplace.” reads the press release published by the Europol.
The black marketplace has been active since 2014, it was first analyzed by experts at Kaspersky Lab in 2016.
At the time, the domain (xdedic[.]biz) went offline following a report from Kaspersky Labs that detailed in its Corporate News section, the scope, and method of operations of the illicit marketplace. The website quickly reappeared in the Tor network.
In 2016 the service was offering up to 70,000 hacked servers as little as $6 USD, and with 416 registered sellers in 173 countries, the platform was operating a highly successful global business model.
The researchers confirmed that the xDedic marketplace is run by a Russian-speaking group.
Law authorities in the United States, Belgium and Ukraine, in collaboration with the Europol, seized xDedic on January 24.
Buyers were able to search accesses to compromised systems by multiple criteria, including price, geographic location, and operating system.
The xDedic administrators maintained servers worldwide, they allowed payment in Bitcoin to protect users’ anonymity. Compromised systems belong to any industries, including local, state, and federal government infrastructure, hospitals, emergency services, major metropolitan transit authorities, accounting and law firms, pension funds, and universities.
According to the investigators, the website facilitated more than $68 million in fraud.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.