Russian ecommerce shop provider Deer.io is allowing dark web activity out in the open, according to a report from threat intelligence and security analysis firm Digital Shadows.
What is the difference between this case and any other where a customer uses a web host to carry out criminal activity? Digital Shadows alleges that the majority of Deer.io shops sell stolen products or breached data, and that the company advertises on hacker and cybercrime forums.
Cybercriminal Tessa88, who distributed credentials breached from LinkedIn and MySpace, is associated with the shop darkside.global, which is hosted by Deer.io, Digital Shadows says. Softpedia found a reference to Deer.io-hosted cybercrime in Russian media, but there are no indications of law enforcement investigations.
Deeri.io offers secure and anonymous hosting, site building, DDoS protection, and automatic payment systems. It also offers customer service and product development for 500 rubles ($8). It warns hosted shops not to sell illegal goods, provides a “report site” method, and Digital Shadows reports evidence that it will remove products like credit card details.
Digital Shadows notes that there are non-criminal businesses hosted by Deer.io, even if it is hard to call “tennis score prediction” a “legitimate product.” However, bulk bot-registered social media accounts, hijacked social media accounts, popularity-faking tools for social media, and stolen bank accounts are much more common. The company also advertises with “well-known criminal forums” Xeksek, AntiChat, Zloy, and Exploit, and seems to encourage sites to do the same.
“Deer.io works according to the laws of the Russian Federation. Our clients can create shops that do not violate the laws of the Russian Federation. We block shops that sell drugs/stolen bank accounts. We will also block any shop if requested by Roskomnadzor or the competent authorities of the Russian Federation,” Deer.io told Softpedia in a response to the report.
A report from Trend Micro in late 2015 called the criminal internet activity in North America a “glass tank” for its obviousness.