Cybersecurity Firm Buying Hacker Forum Accounts to Spy on Cybercriminals

Swiss-based cybersecurity firm Prodaft has launched a new initiative called "Sell your Source" where the company purchases verified and aged accounts on hacking forums to infiltrate cybercrime spaces and communities. This strategic move aims to collect valuable intelligence that could lead to the exposure of malicious operations and platforms.

"As a threat intelligence company, we specialize in obtaining visibility into the infrastructures of cybercriminals, searching for patterns, tactics, techniques, and procedures that help us understand adversarial networks and detect and mitigate potential cyberattacks," explains Prodaft. "However, these activities are routinely associated with places such as the deep and dark web, underground forums, or illicit marketplaces, which pose limitations to our coverage."

This is why Prodaft decided to buy specific forum accounts that allow them to enter these networks and gather insights into the adversarial waters. The company's interest lies in purchasing accounts for XSS, Exploit.in, RAMP4U, Verified, and Breachforums cybercrime forums. They are willing to offer extra payment for accounts with moderator or administrator privileges.

However, Prodaft has a strict set of criteria for purchasing these accounts. The firm will only consider accounts created before December 2022 and which have not engaged in cybercrime or unethical activities in the past. Furthermore, if the account is on the FBI's or other law enforcement's most wanted list, it will not be purchased.

The transfer process for buying these accounts is anonymous, and Prodaft promises to report account purchases to law enforcement authorities while keeping sensitive information confidential. Sellers can reach out to Prodaft anonymously via TOX or email to share the details of their account and initiate the review process. Once approved, the firm will make an offer to the seller using Bitcoin, Monero, or any other preferred cryptocurrency.

When asked about the price for these accounts, Prodaft replied that it depends on numerous factors and that each account will receive a special quote after being analyzed. While currently interested in specific sites, this may change in the future.

Prodaft's aggressive investigation methods have led to notable cases in the past, including infiltrating ransomware operations and identifying cybercriminals.

This move by Prodaft showcases their commitment to understanding and combating cybercrime. By collecting valuable intelligence from hacked accounts, they can help protect organizations and individuals from potential attacks and cyber threats.