Swiss cybersecurity agency Prodaft has launched a brand new initiative referred to as ‘Promote your Supply’ the place the corporate purchases verified and aged accounts on hacking boards to to spy on cybercriminals.
The aim is to make use of these accounts to infiltrate cybercrime areas and communities, accumulating priceless intelligence that would result in the publicity of malicious operations and platforms.
“As a risk intelligence firm, we concentrate on acquiring visibility into the infrastructures of cybercriminals, trying to find patterns, techniques, methods, and procedures that assist us perceive adversarial networks and detect and mitigate potential cyberattacks,” explains Prodaft.
“As these actions are routinely related to locations such because the deep and darkish net, underground boards, or illicit marketplaces, we wish to guarantee our protection doesn’t hit any limitations.”
“That’s the reason we determined we wish to purchase particular discussion board accounts that enable us to enter these networks and see what has been happening within the adversarial waters.”
Prodaft is at present thinking about shopping for accounts for the XSS, Exploit.in, RAMP4U, Verified, and Breachforums cybercrime boards, and provides to pay further for accounts with moderator or administrator privileges.
Nevertheless, the agency will solely settle for accounts created earlier than December 2022 and which haven’t engaged in cybercrime or unethical actions prior to now, so some due diligence takes place. Moreover, if the account is on the FBI’s or different legislation enforcement’s most wished listing, it is not going to be bought.
Prodaft says the switch course of is nameless, and whereas Prodaft says it should report account purchases to legislation enforcement authorities, it guarantees to not disclose delicate data.
Sellers can attain out to Prodaft anonymously through TOX or e-mail and share the main points for the account reviewing course of to get began.
As soon as the account has been authorized for buy, the agency will make a suggestion to the vendor. Cost strategies embrace Bitcoin, Monero, and some other cryptocurrency the vendor prefers.
When requested how a lot Prodaft is providing for accounts, the corporate informed BleepingComputer it relies on quite a few components.
“Additionally the value relies on many components, each account will get analysed and given a particular quote. At present we’re thinking about particular websites however it might change sooner or later,” Prodaft informed BleepingComputer.
Prodaft additionally marketed their new program straight on hacking boards, utilizing an outdated account on the Russian-speaking XSS cybercrime to advertise the shopping for of accounts.
Prodaft is thought for its aggressive investigation strategies used to infiltrate ransomware and cybercrime operations prior to now, in some instances resulting in the identification and arrest of cybercriminals.
One notable case is the infiltration of a complicated assault automation platform belonging to the FIN7 hacking group that leveraged Microsoft Alternate and SQL injection flaws to breach company networks.
This infiltration led to figuring out and proactively alerting over eight thousand compromised organizations, which may have been attacked by ransomware or different payloads at subsequent assault levels.
