By Dancho Danchev
The vibrant cybercrime ecosystem is populated by a diverse set of market players. From sellers, to buyers and vendors, sophisticated cybercriminals next to novice cybercriminals, everyone is persistently looking for ways to monetize their assets and increase their revenue.
Over the past two years, the industry witnessed the maturing business models in use by cybercriminals, and the rise of the so called cybercrime-as-a-service underground market propositions. Cybercriminals of all kinds have realized that managed services are the future that offer an efficient revenue generating platform for everyone to take advantage of.
In this post, I’ll profile a recently advertised boutique cybercrime-friendly E-shop, operated by what appears to be a novice cybercriminal looking for ways to monetize his fraudulently obtained assets.
Screenshots of a DIY cybercrime-friendly E-shop:
His inventory of underground market goods and products includes:
- SMTP servers, SMTP Verifier, SMTP Scanner, access to RDP+AMS hosts, Leads, PHP Mailers, compromised cPanels, compromised Web Shells, compromised servers with Root access
The boutique cybercrime-friendly shop is a great example of how novice cybercriminals will not only attempt to monetize the fraudulently obtained underground goods, they will also attempt to monetize commodity goods that are freely available at the disposal of average cybercriminals.
Webroot will continue monitoring the shop’s latest propositions and future development.