New data paints a much darker picture of the underground market for hacked servers.
The market for hacked servers might be much larger than previously thought, with new evidence suggesting that hackers sold access to over 170,000 compromised servers since 2014, a third of them located in the U.S.
The new revelation comes from antivirus firm Kaspersky Lab, whose researchers reported last week that a black market website called xDedic was selling remote access to more than 70,000 compromised servers for as little as US$6.
Following the report, a user with the moniker AngryBirds shared several Pastebin lists of IP addresses along with dates that allegedly represented hacked servers sold on xDedic since Oct. 2014.
The combined lists contained around 176,000 unique IP addresses, 100,000 more than the Kaspersky Lab researchers gathered themselves from the black market website. Validating the lists was not easy, especially since xDedic only displays the first two octets of a server’s IP address—for example 111.111.*.*.
However, the researchers found enough correlations to suggest that the new database of hacked servers is real and was copied from xDedic around February by someone who had access to see the full IP addresses.
Full article: Hackers sold access to 170,000 compromised servers, many in the U.S. (PC World)