Security Researchers Allege Russian Ecommerce Firm Turns Blind Eye to Crime

Russian ecommerce shop provider Deer.io is allowing dark web activity out in the open, according to a report from threat intelligence and security analysis firm Digital Shadows.

What is the difference between this case and any other where a customer uses a web host to carry out criminal activity? Digital Shadows alleges that the majority of Deer.io shops sell stolen products or breached data, and that the company advertises on hacker and cybercrime forums.

SEE ALSO: Snowden Blasts Russia’s Proposed Anti-Terror Laws

Cybercriminal Tessa88, who distributed credentials breached from LinkedIn and MySpace, is associated with the shop darkside.global, which is hosted by Deer.io, Digital Shadows says. Softpedia found a reference to Deer.io-hosted cybercrime in Russian media, but there are no indications of law enforcement investigations.

Deeri.io offers secure and anonymous hosting, site building, DDoS protection, and automatic payment systems. It also offers customer service and product development for 500 rubles ($8). It warns hosted shops not to sell illegal goods, provides a “report site” method, and Digital Shadows reports evidence that it will remove products like credit card details.

READ MORE: Organization Calls for the Development of Tools to Monitor the Dark Web

Digital Shadows notes that there are non-criminal businesses hosted by Deer.io, even if it is hard to call “tennis score prediction” a “legitimate product.” However, bulk bot-registered social media accounts, hijacked social media accounts, popularity-faking tools for social media, and stolen bank accounts are much more common. The company also advertises with “well-known criminal forums” Xeksek, AntiChat, Zloy, and Exploit, and seems to encourage sites to do the same.

“Deer.io works according to the laws of the Russian Federation. Our clients can create shops that do not violate the laws of the Russian Federation. We block shops that sell drugs/stolen bank accounts. We will also block any shop if requested by Roskomnadzor or the competent authorities of the Russian Federation,” Deer.io told Softpedia in a response to the report.

Perhaps most troubling is the conclusion of Digital Shadows that Deer.io represents another service lowering the barrier to cybercrime entry, as DDoS-as-a-Service and exploit kits for sale have done.

A report from Trend Micro in late 2015 called the criminal internet activity in North America a “glass tank” for its obviousness.

Source: TheWHIR