xDedic, a marketplace for selling or renting hacked servers, was exposed by Kaspersky in June 2016. Flashpoint experts say the number of servers advertised on the service has risen to over 85,000. Almost three-quarters of all the hacked RDP servers were located in educational institutions, with most servers located in the US, Germany, and the Ukraine. A recently launched service, called Spammer, is also selling access to hacked SMTP servers and email spam lists.
Source: https://www.bleepingcomputer.com/news/security/over-85-000-hacked-rdp-servers-still-available-for-sale-on-xdedic-marketplace/