If you are a cybercriminal looking for compromised computer access or stolen login credentials, then cybercrime marketplace xDedic might have been one of your favorite places to shop.
Until the last few days, when a Europol investigative team announced it had seized the xDedic marketplace servers and domains:
And the victims of compromised credentials and machines are global:
"The victims came from all around the world and involved all kind of industries. This includes local, state, and federal government infrastructure, hospitals, emergency services, major metropolitan transit authorities, accounting, and law firms, pension funds, and universities. Authorities believe the website facilitated more than $68,000,000 in fraud."
The response was global, as well, with law enforcement cooperating across borders and geography, including: the U.S. Prosecutor’s Office for the Middle District of Florida; the FBI and the Internal Revenue Service of Tampa (Florida); the Federal Computer Crime Unit (FCCU); the Federal Prosecutor’s Office, and the Investigating Judge of Belgium; the Ukrainian National Cyber Police and Prosecutor General’s office of Ukraine; with the support of the Bundeskriminalamt of Germany and Europol.
Dark Web experts speaking at SecureWorld cybersecurity conferences have told us that this kind of bust does not stop cybercrime, but it does disrupt it in the short term, which is a positive for InfoSec teams around the world.