In an international operation that included the FBI, Europol and law enforcement in Belgium and Ukraine, authorities took down the dark web xDedic Marketplace known for selling compromised computer credentials and PII.
Administrators ran the marketplace using servers scattered worldwide and bitcoin to mask the identities of the administrators, buyers and sellers as well as the server locations, according to a Justice Department statement.
U.S. Attorney Maria Chapa Lopez, along with Special Agent in Charge Eric Sporre, FBI-Tampa Division, and Special Agent in Charge Mary Hammond, IRS-Criminal Investigation, announced the shuttering of the website, which likely was responsible for more than $68 million in fraud.
Dtex Systems' Armaan Mahbod focuses on the problem of credential compromise, as the company finds it to be a top driver of insider threat risk.He said the following:
"This announcement provides a huge learning instance for all security and risk professionals, which is that no matter how hard we try to keep track of credentials, there is high risk that they are going to end up on the dark web," Dtex Systems Insider Threat Analyst Team Manager Armaan Mahbod. "Legacy technologies designed to protect credentials are failing almost 100 percent of the time. The only real way to know if your organization has been infiltrated by a cybercriminal using credentials is by understanding the behaviors demonstrated by user accounts.”
Mahbod said the behavioral assessments Dtex “ran as part of our upcoming insider threat intelligence report showed that credential theft and misuse is taking place in almost every business and government agency today."