Deep Web

Authorities shut down XDEDIC marketplace in an international operation

A  joint operation conducted by law enforcement agencies in the United States and Europe allowed seizing the xDedic marketplace.

Law enforcement agencies in the US and Europe announced the seizure of the popular xDedic marketplace, an underground market offering for sale access to compromised systems and personally identifiable information.

“On 24 January, the U.S. Prosecutor’s Office for the Middle District of Florida, the FBI and the Internal Revenue Service (IRS) of Tampa (Florida), the Federal Computer Crime Unit (FCCU), the Federal Prosecutor’s Office and the Investigating Judge of Belgium, as well as the Ukrainian National Cyber Police and Prosecutor General’s office of Ukraine, with the support of the Bundeskriminalamt of Germany and Europol seized the xDedic Marketplace.” reads the press release published by the Europol.

The black marketplace has been active since 2014, it was first analyzed by experts at Kaspersky Lab in 2016.

At the time, the domain (xdedic[.]biz) went offline following a report from Kaspersky Labs that detailed in its Corporate News section, the scope, and method of operations of the illicit marketplace. The website quickly reappeared in the Tor network.

In 2016 the service was offering up to 70,000 hacked servers as little as $6 USD, and with 416 registered sellers in 173 countries, the platform was operating a highly successful global business model.

The researchers confirmed that the xDedic marketplace is run by a Russian-speaking group.


Law authorities in the United States, Belgium and Ukraine, in collaboration with the Europol, seized xDedic on January 24.

Buyers were able to search accesses to compromised systems by multiple criteria, including price, geographic location, and operating system.

The xDedic administrators maintained servers worldwide, they allowed payment in Bitcoin to protect users’ anonymity. Compromised systems belong to any industries, including local, state, and federal government infrastructure, hospitals, emergency services, major metropolitan transit authorities, accounting and law firms, pension funds, and universities.

According to the investigators, the website facilitated more than $68 million in fraud.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs –xDedic market, cybercrime)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

12 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

19 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

2 days ago

This website uses cookies.