Feeds

Report: Hacking forum is a cybercrime academy

Learn skills, buy Trojans, make new mates

Protecting against web application threats using SSL

Certain underground hacking forums are acting as training academies and tech-support networks for cybercriminals as well as creating a marketplace for a vast array of cybercrime tools, say researchers.

Database security firm Imperva has been keeping close tabs on an unnamed hacking message board with nearly 220,000 registered members since 2007. It discovered that the forum is used by hackers of varying abilities for "training, communications, collaboration, recruitment, commerce and even social interaction". Chat rooms are filled with discussions on everything from attack planning to requests for help with specific campaigns. Newbies can use the forums to find "how-to-hack" tutorials.

Meanwhile the forum's marketplace acts as an underground bazaar for the sale of either stolen data or attack tools. Other studies by the likes of Symantec have focused on the price of stolen credit card numbers or licensing prices for ZeuS banking Trojan toolkits, for example. Imperva by contrast has paid closer attention to the content of conversations, picking up clues about evolving hacking tactics and approaches in the process.

The forum's discussions of electronic onslaughts increased during the four-year period of analysis, growing an average of 157 per cent year-on-year between 2007 and 2010. The most chatted about topics in the forum between June 2010 to June 2011 were DoS and DDoS attacks, which were in 22 per cent of discussions, followed by SQL injections (a very common technique for hacking websites), which made up 19 per cent of all chatter. A quarter of discussions over the year up to June 2011 focused on "beginners' hacking", with experienced members sharing how-to tutorials and discussing basic methodologies with newbies. Mobile hacking, particularly focused on the iPhone, also figured heavily in discussions.

"Studying hacker forums is important to providing insights into hacker psychology and technical strategies," explained Imperva CTO Amichai Shulman. "Hacker forums are still not well understood by many in the security community, and we believe that studying and quantifying what happens in these online communities can lead to the development of strategies to combat cybercrime."

Imperva's latest Hacker Intelligence Initiative report, which was published on Monday and billed as its most comprehensive to date, can be found here.

The security outfit is careful to say that while the forum it probed is not itself typical, it does provide valuable clues about what's happening in other less accessible and more hardcore underground forums.

Though there are many forums that are small and solely focused on committing cybercrime, we don’t have access to these. The site we examined is not a hardcore crime site, but it’s not entirely softcore either. New hackers come to this site to learn and on the other hand more experienced hackers teach to gain “street cred” and recognition. In the past, this forum has helped security researchers identify illicit cyber activity. Typically, once hackers have gained enough of a reputation they go to a more hardcore, by-invite-only forum.

Hacking forums continue to the popular hangouts even after incidents where one or two forums have been revealed as being run by hacker turncoats acting as FBI moles or even undercover FBI agents posing as "carders". ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.