Shadowy online marketplace, MagBo,is selling access to more than 43,000 hacked servers, some of which belong to local and state government, hospitals, and financial organizations.
MagBo is a portal where hackers sell and buy hacked servers, is doing better than ever and has soared in popularity to become the largest criminal marketplace of its kind since its launch in the summer of 2018.
Wide scale hacking campaigns are surging at the moment. Cybercriminals are using automation to monitor websites for outdated software, then breach vulnerable websites and even install security updates to prevent rival gangs from getting in. A growing number of attackers have started to use Machine Learning to better select and prioritize their targets, boosting the ROI from their hacking campaigns. Once they have a sufficiently large bundle of backdoored websites, they sell it on the Dark Web to other cybercriminals focused in phishing, ransomware and other forms of digital blackmailing. Modern cybercrime economy has a mature division of labor aimed to increase efficiency and effectiveness of unlawful activities.
This is a serious problem for organizations because many suppliers and trusted third parties with privileged access to their data get silently hacked, and once exposed in underground marketplaces, the doors are wide open to their crown jewels. Worse, such attacks are virtually impossible to detect in a timely manner given that no intrusion happens directly. We should expect a spiraling number of similar incidents as the attack surface changes amid Covid-19 and in light of fading security budgets and overall disruption.