More than 43,000 hacked servers are currently for sale on online cybercrime marketplace MagBo, according to new research from threat intelligence firm KELA and ZDNet.
Founded in 2018, MagBo has become the go-to place for hackers and criminals looking for an easy way into compromised servers, be that for the wider distribution of malware, adware or spyware, or for a more targeted ransomware-based approach.
What started as a small site in September 2018, with no more than 3,000 hacked sites listed, has grown into a cybercrime powerhouse, which has sold access to more than 150,000 sites to date, raking in at least $750,000 in revenue.
According to the report, the main difference between MagBo and similar marketplaces that have failed in the past is that MagBo does not conceal information about the hacked servers.
Other websites were fearful other hackers may attempt to compromise the same servers themselves if given too many details. But MagBo's decision to run against the grain appears to have paid dividends.
The marketplace also provides information about the web shell's level of access and permissions, helping potential buyers better identify servers they can use for their operations.