Swiss cybersecurity firm Prodaft has launched a new initiative called ‘Sell your Source’, in which the company purchases verified and aged accounts on cybercrime forums to conduct threat intelligence operations.
The goal is to use these accounts to infiltrate cybercrime spaces and communities, collecting valuable intelligence that could lead to the exposure of malicious operations and platforms.
“As a threat intelligence firm, we focus on obtaining visibility into the infrastructures of cybercriminals, looking for patterns, tactics, techniques, and procedures that help us understand adversarial networks and detect and mitigate potential cyberattacks,” explains Prodaft.
“As these activities are routinely associated with places such as the deep and dark web, underground forums, or illicit marketplaces, we want to ensure our coverage doesn’t hit any limitations.”
“That’s why we decided we want to buy specific forum accounts that allow us to enter these networks and see what has been going on in the adversarial waters.”
Prodaft is currently interested in buying accounts for the XSS, Exploit.in, RAMP4U, Verified, and Breachforums cybercrime forums, and offers to pay extra for accounts with moderator or administrator privileges.
However, the firm will only accept accounts created before December 2022 that have not engaged in cybercrime or unethical activities in the past, so some due diligence takes place. Additionally, if the account is on the FBI’s or another law enforcement agency’s most wanted list, it will not be purchased.
Prodaft says the transfer process is anonymous, and while it says it will report account purchases to law enforcement authorities, it promises not to disclose sensitive information.
Sellers can reach out to Prodaft anonymously via TOX or email and share the details needed for the account review process to get started.
Once the account has been approved for purchase, the firm will make an offer to the seller. Payment methods include Bitcoin, Monero, and any other cryptocurrency the seller prefers.
When asked how much Prodaft is offering for accounts, the company told BleepingComputer it depends on numerous factors.
“Also the price depends on many factors, every account gets analysed and given a specific quote. Currently we’re interested in specific sites but it may change in the future,” Prodaft told BleepingComputer.
Prodaft also advertised its new program directly on hacking forums, using an old account on the Russian-speaking XSS cybercrime forum to promote the buying of accounts.
Prodaft is known for the aggressive investigation methods it has used to infiltrate ransomware and cybercrime operations in the past, in some cases leading to the identification and arrest of cybercriminals.
One notable case is the infiltration of a sophisticated attack automation platform belonging to the FIN7 hacking group that leveraged Microsoft Exchange and SQL injection flaws to breach corporate networks.
This infiltration led to identifying and proactively alerting over eight thousand compromised organizations, which could have been attacked by ransomware or other payloads at subsequent attack stages.