    In the course of our research, we recently found an interesting post in a Russian underground forum. People exchange information about their illegal activities in these kinds of forums. We found a user in the forum with the handle “sourcec0de” and ICQ number 291149 who currently offers root access to some of the cluster servers of and its subdomains.


    The screenshot above shows that the seller appears to have a shell console window with root access to these servers. The price for each access starts at US$3,000, with the exchange of money and access handled through the well-known garant/escrow system, in which a trusted third party verifies both sides of a transaction.

    In our previous underground research, we also saw sourcec0de selling stolen PayPal account credentials and discussing the management of botnet command-and-control (C&C) servers.

    We contacted about this issue last week. We are making this public to stress the fact that hackers do not profit only from selling stolen data or from inserting bad links into spam or phishing email, websites, and other possible infection vectors.

    This case, regardless of whether sourcec0de’s claim is true or not, shows just how brazen cybercriminals are, selling administrative access to specific systems, which can be negatively impacted by their break-ins.

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice