Feeds

Report: Hacking forum is a cybercrime academy

Learn skills, buy Trojans, make new mates

3 Big data security analytics techniques

Certain underground hacking forums are acting as training academies and tech-support networks for cybercriminals as well as creating a marketplace for a vast array of cybercrime tools, say researchers.

Database security firm Imperva has been keeping close tabs on an unnamed hacking message board with nearly 220,000 registered members since 2007. It discovered that the forum is used by hackers of varying abilities for "training, communications, collaboration, recruitment, commerce and even social interaction". Chat rooms are filled with discussions on everything from attack planning to requests for help with specific campaigns. Newbies can use the forums to find "how-to-hack" tutorials.

Meanwhile the forum's marketplace acts as an underground bazaar for the sale of either stolen data or attack tools. Other studies by the likes of Symantec have focused on the price of stolen credit card numbers or licensing prices for ZeuS banking Trojan toolkits, for example. Imperva by contrast has paid closer attention to the content of conversations, picking up clues about evolving hacking tactics and approaches in the process.

The forum's discussions of electronic onslaughts increased during the four-year period of analysis, growing an average of 157 per cent year-on-year between 2007 and 2010. The most chatted about topics in the forum between June 2010 to June 2011 were DoS and DDoS attacks, which were in 22 per cent of discussions, followed by SQL injections (a very common technique for hacking websites), which made up 19 per cent of all chatter. A quarter of discussions over the year up to June 2011 focused on "beginners' hacking", with experienced members sharing how-to tutorials and discussing basic methodologies with newbies. Mobile hacking, particularly focused on the iPhone, also figured heavily in discussions.

"Studying hacker forums is important to providing insights into hacker psychology and technical strategies," explained Imperva CTO Amichai Shulman. "Hacker forums are still not well understood by many in the security community, and we believe that studying and quantifying what happens in these online communities can lead to the development of strategies to combat cybercrime."

Imperva's latest Hacker Intelligence Initiative report, which was published on Monday and billed as its most comprehensive to date, can be found here.

The security outfit is careful to say that while the forum it probed is not itself typical, it does provide valuable clues about what's happening in other less accessible and more hardcore underground forums.

Though there are many forums that are small and solely focused on committing cybercrime, we don’t have access to these. The site we examined is not a hardcore crime site, but it’s not entirely softcore either. New hackers come to this site to learn and on the other hand more experienced hackers teach to gain “street cred” and recognition. In the past, this forum has helped security researchers identify illicit cyber activity. Typically, once hackers have gained enough of a reputation they go to a more hardcore, by-invite-only forum.

Hacking forums continue to the popular hangouts even after incidents where one or two forums have been revealed as being run by hacker turncoats acting as FBI moles or even undercover FBI agents posing as "carders". ®

3 Big data security analytics techniques

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.