Dark web markets are selling remote access to corporate PCs allowing hackers to leak information from important private and public companies.
The dark vendors, known as Dark web market Ultimate Anonymity Services (UA) is currently offering Remote Desktop Protocol (RDP) servers for as little as $3, allowing hackers to steal and spy on data from companies without the use of any malware, which in turn, grants them security while doing these nefarious activities. This phenomenon has been increasingly selling credentials to RDP servers and could present an even bigger threat to companies in the future.
Once the hackers are in via RDPs they can access a PC, thus compromising the corporate network and leaving it vulnerable to espionage, leaks, data breaches, and much more. This sort of activity is even a bigger of a threat on Windows PCs and a valuable tool for cybercriminals to make money of information.
The Remote Desktop Protocols being sold by the group called Dark Web Market Ultimate Anonymity Services (UAS) are sourced from education, government, and healthcare organizations. These activities were first discovered and recorded by the Security department of Flashpoints, who have stated that RDPs from all over the world are being sold in the Dark Web UAS.
In accordance to Flashpoint experts, the following countries have a larger amount of vulnerable Remote Desktop Protocols apparently because of “lax cybersecurity hygiene” involving remote connection monitoring. More than 7,200 RDPs from China, 6,100 from Brazil, 3,000 from India, 1,300 from Spain, and 900 from Colombia were found being sold on the Dark Web UAS. In addition to these, the Dark Web UAS is selling an approximate of 300 US-based RDPs, from Ohio, Virginia, California, and Oregon.
“UAS offers Remote Desktop Protocols sourced from countries across the globe; however, they keep with the Eastern European Cybercriminal norms, which means the Dark Web USA does not offer RDPs from the Commonwealth of Independent States (CIS)”. “Ultimate Anonymity offers over 35,000 brute-forced Remote Desktop Protocols for sale,” Flashpoint experts said in a blog.
The security researchers from Flashpoint further added “Dark Web UAS lower prices may promote the growing popularity of the shop among cybercriminal,” and further stated that the interest in the shop will likely continue to grow. The reason for this popularity is that UAS regardless of the country of origin offers RDPs at prices among $3 and $10, which in comparison, xDedic another dark web market and UAS’ competitor, offered RPDs for over $100.