This year’s “Most Meta-Cybercrime Product” award is Accountz Club, a new cybercrime store that sells access to stolen accounts through services built for cybercriminals, including stores peddling stolen payment cards and identities, spam tools, email and phone bombing services, as well as stores for mass-popular A store where a website sells authentication cookies.
Criminals stealing from other crooks are a constant theme in the cybercriminal underworld. Accountz Club’s slogan – “The Best Auto Shop for Your Favorite Store Accounts” – simply made it possible by stealing login information from users of various cybercrime shops and selling them for a fraction of their account balances. This activity is normalized.
The site said it sells “cracked” accounts, or those with passwords that are easily guessed or enumerated using automated tools. All credentials sold by Accountz provide access to services that in turn sell access to stolen information or hijacked property, such as “robot shops” that resell access to infected computers.
An example is Genesis Market, where customers can search for stolen credentials and authentication cookies from a wide range of popular online destinations. Genesis even offers a custom web browser where you can load authentication cookies from botted PCs and waltz into your account without entering a username or password or messing with multi-factor authentication.
Accountz currently sells four different Genesis logins for 40-50% of their unused balance. Genesis obtains lists of stolen computers and stolen logins primarily from resellers who specialize in deploying infostealer malware via email and booby-traps. Likewise, the bulk of Accountz’s inventory appears to be sourced from a small number of resellers who may be the same ones working on account hacking for cybercrime services.
Genesis Robot Store.
Essentially, Accountz customers are paying for illegal access to cybercriminal services that sell access to compromised resources that can be abused for cybercrime. That’s serious metadata.
Accountz said its inventory is currently low, but it expects more to be available in the coming days. I don’t doubt that’s true, and it’s a bit of a note that services like this are uncommon: from my “breadcrumbs” series on prominent cybercriminals, it’s clear that many cybercriminals will be on multiple networks Use the same username and password for online services.
What’s more, relatively few online cybercrime stores offer their users any kind of multi-factor authentication. This may be because very few customers provide their real contact information when signing up. Therefore, it is often easier for a customer to simply create a new account than to regain control of a hacked account or change a forgotten password. On top of that, most stores only have basic tools to block automated login attempts and password cracking activities.
It will be interesting to see if any of the cybercrime stores with the most representation among Accountz’s logins for sale start fighting back. After all, draining customer account balances and locking in users could increase customer support costs for these stores, reduce customer satisfaction, and possibly even damage their reputation on criminal forums peddling merchandise.
Oh horror.
