Swiss cybersecurity firm Prodaft has recently announced the launch of a unique initiative named ‘Sell your Source,’ which aims to acquire verified and aged accounts on hacking forums for the purpose of monitoring cybercriminal activities. The primary objective behind this initiative is to infiltrate cybercrime spaces and communities to gather crucial intelligence that could potentially expose malicious operations and platforms.
Prodaft, as a threat intelligence company, specializes in obtaining visibility into the infrastructures of cybercriminals. By analyzing patterns, tactics, techniques, and procedures used by adversarial networks, Prodaft aims to enhance its understanding of cyber threats and enhance its ability to detect and mitigate potential cyberattacks.
In order to ensure unrestricted coverage of cybercrime networks, Prodaft has decided to purchase specific forum accounts that grant access to these underground communities. The company is particularly interested in acquiring accounts for popular cybercrime forums such as XSS, Exploit.in, RAMP4U, Verified, and Breachforums. Moreover, Prodaft is willing to offer higher payment for accounts with moderator or administrator privileges.
However, Prodaft has set certain criteria for the accounts it intends to purchase. The accounts must have been created before December 2022 and should have no history of involvement in cybercrime or unethical activities. Additionally, accounts that are listed on law enforcement’s most wanted list, such as the FBI’s list, will not be considered for purchase.
Prodaft emphasizes that the transfer process of account ownership will be handled anonymously. While the company commits to reporting account acquisitions to law enforcement authorities, it assures sellers that sensitive information will not be disclosed. Sellers can anonymously contact Prodaft via encrypted messaging platforms like TOX or email to initiate the account review process.
Once an account has been approved for purchase, Prodaft will make an offer to the seller. Payment methods include popular cryptocurrencies like Bitcoin and Monero, as well as any other cryptocurrency preferred by the seller. The pricing for accounts will vary based on multiple factors, and each account will undergo a thorough analysis to determine a fair valuation.
In a bold move to promote their new initiative, Prodaft has directly advertised on hacking forums, leveraging an old account on the Russian-speaking XSS cybercrime forum to facilitate the buying of accounts. This proactive approach is in line with Prodaft’s reputation for employing aggressive investigation methods to infiltrate ransomware and cybercrime operations.
Notably, Prodaft has previously been successful in infiltrating and disrupting cybercriminal operations, such as the attack automation platform used by the FIN7 hacking group. By identifying vulnerabilities and alerting compromised organizations, Prodaft has played a crucial role in preventing potential attacks and enhancing cybersecurity measures.
Overall, Prodaft’s ‘Sell your Source’ initiative represents a strategic approach to combatting cybercrime by gaining insights from within adversarial networks. Through the acquisition of forum accounts, Prodaft aims to strengthen its threat intelligence capabilities and contribute to the proactive detection and mitigation of cyber threats.