xDedic Whitepaper

xDedic Whitepaper by LIFARS

xDedic 

“xDedic” is an underground marketplace where cybercriminals are able to purchase over 70,000 hacked servers and databases from around the world. These webservers and databases range from private corporations to public government networks, and are sold at a relatively cheap price. xDedic is found on the domain xdedic[.]biz and is available for anyone to register. For new members who create an account with this underground marketplace, there is a small time frame of 72 hours to access the account. With the availability for potential buyers to see previews of compromised boxes containing many configuration details about the devices, this marketplace comes close to enabling the Utopian dream for a malicious hacker, with cheap and easy access to victims’ data. This document is an overview, guide to protecting your organization and a recent LIFARS investigation uncovering the xDedic Market.

In this white paper you will learn:

  • How attackers gain access to these compromised servers
  • What tools were used and installed into the hacked servers
  • Targets of xDedic
  • What steps should be taken if you fall victim to xDedic
  • What preventative measures should be taken

For any questions, please contact our Digital Forensics team, or for advice on protecting your organisation please contact LIFARS Incident Response team.