
xDedic – the shady world of hacked servers for sale - ghosh
https://securelist.com/blog/research/75027/xdedic-the-shady-world-of-hacked-servers-for-sale/
======
nisa
I guess this will only grow in volume. Nobody seems to acknowledge the task of
an admin, that keeps things updated and secure and that can implemented
preventive security measures. It's mostly hire someone as cheap as possible to
install xyz on a rented dedicated box and forget about it.

Add some sloppy password policy, lot's of PHP code that is neither sandboxed
or updated and you'll have an easy time to own such machines.

And if it's hacked and disabled it just get's reimagined. I guess most don't
even notice if you don't do anything that get's on the providers radar.

But honestly even as toying around with Linux for more than 15 years I'd have
a hard time to find a rootkit in daily ops that successfully managed to load
as kernel module or via ld-preload.

Graphing the load e.g. munin is sometimes useful but that's more like having
some post-mortem tools.

~~~
webtechgal
> It's mostly hire someone as cheap as possible to install xyz on a rented
> dedicated box and forget about it.

You can say that again!! I routinely come across job postings such as 'Setup
my server for $10 to $30' floating about at various freelance tech
marketplaces.

Hell, when starting out as a freelancer a couple of years ago, I took up some
jobs like that myself, to - so to say - test the waters. I still take up such
jobs, but at (much) higher rates and per my experience, most of the clients do
not have the foggiest so far as security is concerned.

------
skilled
Scary to think how many more of such hacked servers are out there, I think
dedicated server networks like OVH are easy targets, and that's just the tip
of the iceberg.

~~~
webtechgal
> ...and that's just the tip of the iceberg.

You bet. Since OVH servers normally start north of $50-60/mo. (not exactly a
very trivial sum), their clients may still be at least somewhat more
serious/conscious about security, but talk about the likes of Kimsufi
(incidentally, a subsidiary of OVH I believe) where dedi boxes (with low-end
configs) are available for < $10/mo.!!!

------
tracker1
Distribution networks for pirated torrent material... that could make a lot of
seed nodes.

~~~
amazon_not
What's the profit motive? Even at $6 a pop the server expenses have to be
recouped.

~~~
draugadrotten
Fictive scenario. One TV channel executive could hurt the finances of a
competing TV channel by seeding the competitions shows, and by this gaining
power and influence in her own career

~~~
tener
They should actually seed their own show. Cheap marketing.

~~~
Certified
Certain FOX episodes have shown up on file sharing networks over the past
years with trailers for other FOX shows preceding the actual content. You
don't think networks are already promoting their tv shows directly to the file
sharing demographic?

------
dang
Url changed from [http://arstechnica.com/security/2016/06/meet-xdedic-the-
site...](http://arstechnica.com/security/2016/06/meet-xdedic-the-site-selling-
access-to-thousands-of-hacked-gov-and-com-servers/), which points to this.

