KELA's Intelligence Gathering Technologies Now Collect Intelligence from Remote Access Markets, Such as the Prominent Invite-Only Underground Marketplace, MagBo
TEL AVIV, Israel, May 14, 2020 /PRNewswire/ -- As servitization of the underground world continues to thrive, KELA Targeted Cyber Intelligence, a global Dark Net threat intelligence provider, announces today the addition of a new information source type to their technologies – Remote Access Markets.
As a core commitment to all partners, a team of dedicated analysts from KELA are continually following underground trends in order to understand shifts in the ever-changing threat landscape. As part of this service, KELA's Cyber Intelligence Center has recently begun automatically gathering information from stores offering access to compromised servers and websites, among them, MagBo, who had initially hit the headlines in 2018, but now resurfaced again today.
Raveed Laeb, Product Manager at KELA explains the significance and relevancy of beginning to monitor this and other similar markets. "The trend of easily purchasing services from the Dark Net isn't very new, we've seen it with malware-as-a-service markets, such as the Genesis Marketplace, and we're seeing it apply to other areas, such as with remote access markets, introducing access-as-a-service," Laeb shares following the release of KELA's recent report on Remote Access Markets. "MagBo is an invite-only automated market for diverse products specializing in Remote Access credentials, and specifically in web shells. Our mission is to assist our partners in detecting any threats directly targeting them, which is why we began gathering intelligence from these markets. Now, we're able to automatically monitor compromised servers and websites; combining that with assistance from our intelligence analysts, we can help our partners remediate these types of threats in real time."
According to KELA's report, since its launch, MagBo has managed to accumulate nearly 150,000 compromised websites – including those belonging to financial institutions, government organizations and critical infrastructure around the world – mostly via selling access to web shell malware deployed on their servers. KELA advocated that gaining visibility into MagBo, as well as other Remote Access Markets, is a crucial intelligence feed for defenders.
KELA's recent report, Access-as-a-Service – Remote Access Markets in the Cybercrime Underground addresses several key points:
- Rise and development of access-as-a-service;
- Breakdown of the MagBo marketplace – its products, scale, advantages, and more;
- What enterprises and law enforcement agencies gain from these markets;
- What defenders can and should do to deter attacks that result from leveraging information on these markets.
The full report can be found here.
To learn more about KELA's solutions or request a demo, visit us at https://ke-la.com/contact-us/
A leading Dark Net threat intelligence firm, KELA's mission is to provide 100% actionable intelligence on threats emerging from the Dark Net. Our success is based on a unique integration of our proprietary automated technologies and qualified intelligence experts. For more information, visit www.ke-la.com.