On last summer, the Kaspersky Labs expelled xDedic for employing the hacked servers for the purchase or the hire while many believed it was the curtains for the marketplace. The expose was done to move away the traffic from the xDedic marketplace for dealing with the illegitimately obtained servers. But just after a few weeks of being offline, the xDedic marketplace was back online doing what it used to do earlier, that is selling even more hacked servers for an average price of $6. The 25 page report of Kaspersky revealed that the initial number of the hacked servers for sale or on hire on the xDedic marketplace was around 70,000. After its comeback, the xDedic marketplace now has over 85,000 servers that are listed for either sale or hire. The maximum of the compromised servers suffer the same fatal flaw that is they have open unsecured RDP or the Remote Desktop Protocol connections.
The servers listed on the xDedic marketplace for sale or hire seem to bear no other connections apart from the fact that they are all RDP servers. The hackers can easily get the access to the ownership of the servers from the corporate or the governmental institutions that have access to the sensitive data and the administration privileges. The RDP servers on the xDedic marketplaces features tags that are specifically put in place to show that they have not been blacklisted from any of the online resource. These public websites list focuses on the point of sale (PoS) software, tax reporting and accounting. The features and softwares that are installed in the compromised RDP servers enable mass email sending that even makes it easier for the fraudulent hackers to carry out phishing attacks without being a suspect. And these types of attacks (Phishing attacks) can steal sensitive information like usernames and passwords of accounts which is not a very good news at all.