The Latest in IT Security

Underground Radar: Possible Compromise of and its Subdomains


We recently found an interesting post in a Russian underground forum in the course of our research. People exchange information about their illegal activities in these kinds of forums. We found a user in the forum with the handle ‘sourcec0de’ and ICQ number ‘291149′ who is currently offering root access to some of the cluster servers of and its subdomains.

Click for larger view

The screenshot above shows that the seller appears to have a shell console window with root access to these servers. The price for each access starts at $3,000 USD, with the exchange of money/access being provided by the well known garant/escrow system, whereby a trusted third party verifies both sides of the transaction.

In our previous underground research, we have also seen the user ‘sourcec0de’ selling stolen PayPal accounts and discussing the management of botnet command and control servers.

We contacted about this issue last week. We are making this public to stress the fact that hackers do not only profit from selling stolen data or by inserting bad links into spammed or phishing messages, websites and other possible infection vectors . In this case, whether sourcec0de’s claim is true or not, it shows how cybercriminals are so brazen as to sell admin access to specific systems, which could be negatively impacted by their break-ins.

Leave a reply


SATURDAY, MAY 30, 2020

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments