In a bold and unconventional move, cybersecurity intelligence firm Prodaft has debuted a new initiative called “Sell Your Source” (SYS) aimed at acquiring aged, verified accounts from underground hacking forums. The goal is to gain covert access to adversarial networks and uncover malicious operations from within.
Through this initiative, Prodaft is offering to buy accounts created before December 2022—as long as they haven’t been used for cybercrime or unethical activity. These accounts, once vetted and verified, will serve as human intelligence (HUMINT) assets for the firm’s threat intelligence efforts.
“We want to ensure our coverage does not hit any limitations,” the company explains. “That’s why we decided to buy specific forum accounts that allow us to enter these networks and see what’s been going on in the adversarial waters.”
Intelligence from the Inside
Prodaft is advertising the SYS initiative directly on the very forums it hopes to infiltrate. It promises anonymity to those selling their accounts, and reassures potential sellers that while all transactions are reported to law enforcement partners in accordance with legal compliance—this is done without disclosing the identity of the account holder.
Each account submitted for sale is analyzed and quoted based on several factors, including reputation and access level. If the account is approved, Prodaft makes an offer and conducts a secure crypto-based transaction, typically in Bitcoin, Monero, or a seller’s preferred cryptocurrency.
The firm emphasizes that this isn’t a sting operation, nor is it a trap to ensnare reformed hackers. Rather, it’s an open door for those ready to walk away from the dark web and help make the internet a safer place.
“No Judgment, No Questions Asked”
Prodaft is targeting people who may have once participated in the darker corners of the internet out of curiosity or circumstance but are now looking for a way out. “For anyone who has been involved in these activities and is now looking to turn the page, you don’t have to explain your past or answer any questions, the company says.
According to the company, what matters is that these individuals are ready to walk away from this life. “No judgement, no questions asked—just a simple, secure transaction that benefits both sides and helps you leave that old life behind. This is your opportunity to step away and start a stress-free life, without the weight of your past holding you back,” Prodaft says.
The message is part threat intel recruitment, part redemption narrative—casting the initiative as a safe and private way to “donate” old accounts for a good cause, and get compensated for it.
A Legal but Controversial Tactic
While Prodaft maintains the initiative is fully compliant with legal standards, the move raises eyebrows in the cybersecurity community. Buying access to restricted forums, even for intelligence purposes, treads a fine ethical line.
Still, the company frames the SYS initiative as a necessary evolution in cyber defense—one where human intelligence must complement digital signals to truly uncover and dismantle threat actor operations.
“A bold move or the only way forward?” the Prodaft site asks. It seems the company believes it’s both.
How the SYS Initiative Works
- Reach Out: Interested sellers can contact Prodaft via ToX chat or email (tips[at]prodaft.com) to begin the process securely and anonymously.
- Account Review: Prodaft analyzes the account’s age, status, and value. If accepted, they’ll make a custom offer.
- Secure Transaction: If the seller agrees, payment is processed using cryptocurrency, and the account is transferred securely.
- Legal Compliance: Every account is reported to law enforcement, but seller identities are protected.
- Privacy & Verification: All accounts undergo a verification process to ensure they were not involved in criminal activity.
- Cybercrime Reporting: Anyone with information about unethical behavior or cybercrime can also report it to Prodaft anonymously.
Making Things More Expensive For Cybercriminals
Evan Dornbush, a former NSA cybersecurity expert, says: “Attackers reliably hit where defenders don’t even know they are vulnerable. This perpetual advantage endures because attackers enjoy a monopoly on the tools and vulnerability-related knowledge that defenders don’t even know exists.”
He says Prodaft is trying a proactive approach that will make it more expensive to be a criminal. “Rather than yet another new AI-widget entering the market, they are engaging the community to break the attacker’s monopoly. We should all hope they are successful in this endeavor.”
Prodaft’s initiative offers a quiet exit, and for the cybersecurity world, signals a new era of human-driven intelligence gathering, where former insiders might just become the key to stopping the next big breach.
More information is available on the Sell Your Source portal.
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.