Security firm accuses Russian service of harboring criminals

Jul 27, 2016 17:05 GMT  ·  By

Cyber-security firm Digital Shadows has published today an in-depth report that blames Deer.io, a site building platform from Russia, for harboring the online shops of many cyber-criminals.

The company says that they have found many shops selling illegal goods, all hosted via its platform.

Deer.io hosts shops for all sorts of cyber-criminal activities

The most notorious name of all customers is Tessa88, one of the hackers at the middle of the recent MySpace and LinkedIn data breaches.

Besides Tessa88's shop, Digital Shadows says that crooks used Deer.io shops to sell social media bots for spam and boosting follower counts, compromised social media accounts, and stolen accounts, a category that includes anything from banking and financial services to Uber credentials.

Digital Shadows claims that Deer.io is only one of the many services that are spreading from the Dark Web to the Open Internet, a so-called one-stop-shop for all sorts of cyber criminals.

But is Deer.io really guilty?

Taking a peek at Deer.io with an open mind and ignoring the Digital Shadows report, when you look at the platform, you only see a Russian version of Wix and Shopify.

The site's operators may not be guilty of what users do, or at least that's one of the principles keeping Facebook and Twitter afloat after it was proven that ISIS terrorists used their services.

Digital Shadows begs to differ. The company's experts claim they've seen ads for Deer.io on well-known underground hacking and cyber-crime forums such as Xeksek, AntiChat, Zloy, and Exploit.

Underground hacking forums are notorious for running their home-cooked adverts, usually promoting other cyber-crime products and services.

Deer.io ads on hacking forums
Deer.io ads on hacking forums

Your reporter has inquired with Digital Shadows for links to other cyber-crime websites hosted on Deer.io, but the company has declined to provide any links outside Tessa88's shop.

While we weren't able to verify the presence of any other criminal shops on Deer.io at this very moment, we have found evidence in Russian media that crooks have used this service in the past for illegal activities.

The infamous Guccifer 2.0 hacker who took responsibility for hacking the US Democratic Party servers and later dumping the data online used the WordPress.com platform to leak the stolen data.

Nobody called Automattic out as a "cyber-crime loving company," but that does not mean Deer.io is completely innocent either. The difference is that you never see ads for WordPress.com on hacking forums.

Softpedia has reached out to Deer.io and will be publishing their response to the Digital Shadows report, if any is provided.

UPDATE [July 28, 2016]: The Deer.io staff has provided the following statement regarding the Digital Shadows report.

  deer.io works according to the laws of the Russian Federation. Our clients can create shops that do not violate the laws of the Russian Federation. We block shops that sell drugs/stolen bank accounts. We will also block any shop if requested by Roskomnadzor or the competent authorities of the Russian Federation.  

Tess88's Deer.io shop
Tess88's Deer.io shop

Deer.io (4 Images)

Deer.io main website
Deer.io ads on hacking forumsTess88's Deer.io shop
+1more