A peek inside a boutique cybercrime-friendly E-shop – part six

By Dancho Danchev

In 2012, we started the “A Peek Inside a Boutique Cybercrime-Friendly E-shop” series, in response to the emerging market segment largely driven by novice cybercriminals relying on ubiquitous E-shop templates to sell their fraudulently obtained assets.

In this post, I’ll profile one of the most diversified (in terms of quantity and type of fraudulently obtained assets) boutique cybercrime-friendly E-shops I’ve come across since the launch of the series.

More details:

Sample entry page of the cybercrime-friendly E-shop:


The news section of the boutique cybercrime-friendly E-shop:


The type of fraudulently obtained assets, and their quantity:


As you can see in the attached screenshot, the E-shop is currently offering:

  • USA Leads
  • RDP MA
  • RDP IR
  • Leads
  • Leads USA
  • Webmail
  • IP Panel
  • Mixed Leads
  • Apple.com accounts
  • Shell
  • RDP USA Fresh
  • Amazon.com accounts
  • Buy.com accounts
  • FTP account
  • Match.com accounts
  • Dell.com accounts
  • Overstock.com accounts
  • Wallmart.com accounts

Sample of fraudulently obtained assets offered for sale:


Sample inventory listing for Amazon.com accounts:


Sample inventory listing for Wallmart.com accounts offered for sale:


Although the total amount of 658 compromised accounts isn’t a staggering number for the time being, this E-shop remains the market leader in the series of posts profiling this emerging market segment. Although the E-shop is constantly rotating and re-introducing new domains to stay online, it continues to maintain the same customer base, with new customer acquisition practices taking place primarily through spamvertising.

Consider going through related posts profiling the activities of more E-shops selling access to compromised accounts:

We’ll continue monitoring this emerging market segment and post updates as soon as new developments emerge.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Join the Conversation

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s