article featured image


The ‘2easy’ marketplace is quickly becoming a major participant in the selling of stolen data “Logs” acquired from about 600,000 machines afflicted with information-stealing software.

2easy was founded in 2018 and has grown rapidly since last year when it only sold data from 28,000 infected devices and was considered a tiny player.

What Are “Logs”?

“Logs” are archives of data taken from malware-infected web browsers or systems, and their most crucial feature is that they frequently contain account credentials, cookies, and stored credit cards.

According to an investigation conducted by analysts at Israeli dark web intelligence firm KELA, the market’s rapid growth may be happening due to the market’s platform development and quality of the offers, which has resulted in positive feedback from the criminal community.

About the ‘2easy’ Marketplace

As reported by BleepingComputer, the market is totally automated, which means that anybody can open an account, deposit money into their wallets, and make transactions without having to engage with the vendors directly.

The logs may be purchased for as little as $5 per item, which is almost five times cheaper than the typical pricing.

Furthermore, based on actor feedback analysis from several dark web forums, 2easy logs routinely give genuine credentials that grant network access to a wide range of companies.

Aside from the affordability and validity, 2easy’s GUI is both user-friendly and strong. The marketplace allows actors to perform a variety of functions on the site, including viewing all URLs to which infected machines logged in, searching URLs of interest, browsing through a list of infected machines from which credentials were stolen, checking the seller’s rating, reviewing tags assigned by sellers, which usually include the date when the machine was infected and sometimes additional notes from the seller, and acquiring credentials.

How Can Heimdal™ Help?

Our Threat Prevention, awarded with the Cloud-Delivered Security Solution of the Year at the Networking Computer Awards 2021, can help you scan the DNS, HTTP, and HTTPS traffic and detect malicious activity. Inbound and outbound traffic is scanned and threats are prevented with a 96% accuracy, as the product encompasses successfully machine learning, AI-based prevention, and also cybercrime intelligence.

Did you enjoy this article? Follow us on LinkedInTwitterFacebookYoutube, or Instagram to keep up to date with everything we post!

Author Profile

Dora Tudor

Cyber Security Enthusiast

linkedin icon

Dora is a digital marketing specialist within Heimdal™ Security. She is a content creator at heart - always curious about technology and passionate about finding out everything there is to know about cybersecurity.