Pierluigi Paganini July 28, 2016

Security experts at DigitalShadow security firm published a detailed analysis that demonstrates Deer.io platform facilitates cybercrime activities.

Security experts from Digital Shadows have conducted a deep analysis of the Russian cybercrime website Deer.io. The site aims to facilitate cyber criminal activities allowing even crooks without specific skills to become dangerous crooks. The barriers to entry in the criminal ecosystemcontinue to be lowered.

The Deer.io is a platform to facilitate the cyber crime that is openly accessible on the surface web and that allows hosting online shops for a monthly fee of $8. Active since at least October 2013, the service is very popular in the criminal ecosystem, it claims to have over 25,000 active users who have earned a total of RUB 253 million (USD 3.8 million). It is advertised on a large number of criminal forums, including AntiChat,Exploit, the Zloy, and Xeksek.

The shop’s terms of service explicitly prohibit the sale of narcotics, hacking software, compromised accounts, DDoS services, personal and financial information, and exploits.

Deer.io has hosted Darkside.global, the shop managed by the hacker Tessa88 who offered for sale dumps of data stolen from LinkedIn, Myspace, Twitter, and VK.

The experts from Digital Shadows revealed that despite operators of Deer.io use to remove specific categories of shops (e.g. Shops offering bank account and payment card data), they are not so efficient when dealing with other criminal activities.

According to the study conducted by Digital Shadows, a large number of shops hosted on the Deer.io offer social media accounts, stolen credentials, hosting services, coupons for services that provide social network followers, and of course banking login credentials accounts.

“Being a cyber criminal is becoming even easier as barriers to entry continue to be lowered. Digital Shadows’ research into deer.io, the site that hosted dark side.global, shows how this is playing out and what it means for security professionals.” states the study.

The Deer.io offers to its customers the online shop, anonymity, security, efficiency, secure payment services, protection against DDoS attacks.

“cybercriminals are now experiencing even lower barriers to entry. While this trend is not necessarily new, the fact that all of these support services are wrapped into a one-stop shop marks a change. Moreover, amid constant hype surrounding the dark web, it is important to note that this exists on the surface web. It’s a reminder that the dark web does not monopolize criminality.” continues the post.

The experts concluded that organizations can be impacted more directly,citing the case of a global airline company whom user account data being sold on one deer.io domain.

Below the reply of the Deer.io staff to the report published by Digital Shadows

“ deer.io works according to the laws of the Russian Federation. Our clients can create shops that do not violate the laws of the Russian Federation. We block shops that sell drugs/stolen bank accounts. We will also block any shop if requested by Roskomnadzor or the competent authorities of the Russian Federation. “

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Deer.io, cybercrime)