U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Deer.io platform facilitates cybercrime and its activities

Security experts at DigitalShadow security firm published a detailed analysis that demonstrates Deer.io platform facilitates cybercrime activities. Security experts from Digital Shadows have conducted a deep analysis of the Russian cybercrime website Deer.io. The site aims to facilitate cyber criminal activities allowing even crooks without specific skills to become dangerous crooks. The barriers to entry in the […]

Deer.io platform facilitates cybercrime and its activities

Security experts at DigitalShadow security firm published a detailed analysis that demonstrates Deer.io platform facilitates cybercrime activities.

Security experts from Digital Shadows have conducted a deep analysis of the Russian cybercrime website Deer.io. The site aims to facilitate cyber criminal activities allowing even crooks without specific skills to become dangerous crooks. The barriers to entry in the criminal ecosystemcontinue to be lowered.

Deer.io crime

The Deer.io is a platform to facilitate the cyber crime that is openly accessible on the surface web and that allows hosting online shops for a monthly fee of $8. Active since at least October 2013, the service is very popular in the criminal ecosystem, it claims to have over 25,000 active users who have earned a total of RUB 253 million (USD 3.8 million). It is advertised on a large number of criminal forums, including AntiChat,Exploit, the Zloy, and Xeksek.

The shop’s terms of service explicitly prohibit the sale of narcotics, hacking software, compromised accounts, DDoS services, personal and financial information, and exploits.

Deer.io has hosted Darkside.global, the shop managed by the hacker Tessa88 who offered for sale dumps of data stolen from LinkedIn, Myspace, Twitter, and VK.

The experts from Digital Shadows revealed that despite operators of Deer.io use to remove specific categories of shops (e.g. Shops offering bank account and payment card data), they are not so efficient when dealing with other criminal activities.

According to the study conducted by Digital Shadows, a large number of shops hosted on the Deer.io offer social media accounts, stolen credentials, hosting services, coupons for services that provide social network followers, and of course banking login credentials accounts.

“Being a cyber criminal is becoming even easier as barriers to entry continue to be lowered. Digital Shadows’ research into deer.io, the site that hosted dark side.global, shows how this is playing out and what it means for security professionals.” states the study.

The Deer.io offers to its customers the online shop, anonymity, security, efficiency, secure payment services, protection against DDoS attacks.

“cybercriminals are now experiencing even lower barriers to entry. While this trend is not necessarily new, the fact that all of these support services are wrapped into a one-stop shop marks a change. Moreover, amid constant hype surrounding the dark web, it is important to note that this exists on the surface web. It’s a reminder that the dark web does not monopolize criminality.” continues the post.

The experts concluded that organizations can be impacted more directly,citing the case of a global airline company whom user account data being sold on one deer.io domain.

Below the reply of the Deer.io staff to the report published by Digital Shadows

 deer.io works according to the laws of the Russian Federation. Our clients can create shops that do not violate the laws of the Russian Federation. We block shops that sell drugs/stolen bank accounts. We will also block any shop if requested by Roskomnadzor or the competent authorities of the Russian Federation. “

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Deer.io, cybercrime)