Dubbed xDedic, the illegal online marketplace let cybercriminals buy, sell or rent out access to thousands of hacked computers and servers across the world, as well as personally identifiable information of U.S. residents.
The underground website had been around for years, with its administrators strategically maintaining and concealing the locations of its servers all over the world to keep it operating.
xDedic let buyers search more than 176,000 unique compromised servers from around the world, usually offered in the form of credentials for compromised Remote Desktop Protocol (RDP) accounts, by price, operating system, or even the geographic location of the compromised machine.
xDedic impacted victims in multiple industries, "including local, state, and federal government infrastructure, hospitals, 911, and emergency services, call centers, major metropolitan transit authorities, accounting and law firms, pension funds, and universities."
report from Kaspersky Lab, which claimed xDedic was operated by a group of Russian-speaking hackers.
The underground marketplace facilitated more than $68 million in fraud before it was taken down on Thursday (24 January 2019); Europol and the U.S. Department of Justice announced the takedown on 28 January.
Authorities said they dismantled and seized xDedic's infrastructure located in Belgium and Ukraine. People still trying to access the underground website would be redirected to a page stating that the marketplace has been taken offline.
Meanwhile, Ukrainian authorities have announced the arrest of three suspects after they searched at least nine locations in Ukraine last week and seized several IT systems.