Feeds

Report: Hacking forum is a cybercrime academy

Learn skills, buy Trojans, make new mates

The Essential Guide to IT Transformation

Certain underground hacking forums are acting as training academies and tech-support networks for cybercriminals as well as creating a marketplace for a vast array of cybercrime tools, say researchers.

Database security firm Imperva has been keeping close tabs on an unnamed hacking message board with nearly 220,000 registered members since 2007. It discovered that the forum is used by hackers of varying abilities for "training, communications, collaboration, recruitment, commerce and even social interaction". Chat rooms are filled with discussions on everything from attack planning to requests for help with specific campaigns. Newbies can use the forums to find "how-to-hack" tutorials.

Meanwhile the forum's marketplace acts as an underground bazaar for the sale of either stolen data or attack tools. Other studies by the likes of Symantec have focused on the price of stolen credit card numbers or licensing prices for ZeuS banking Trojan toolkits, for example. Imperva by contrast has paid closer attention to the content of conversations, picking up clues about evolving hacking tactics and approaches in the process.

The forum's discussions of electronic onslaughts increased during the four-year period of analysis, growing an average of 157 per cent year-on-year between 2007 and 2010. The most chatted about topics in the forum between June 2010 to June 2011 were DoS and DDoS attacks, which were in 22 per cent of discussions, followed by SQL injections (a very common technique for hacking websites), which made up 19 per cent of all chatter. A quarter of discussions over the year up to June 2011 focused on "beginners' hacking", with experienced members sharing how-to tutorials and discussing basic methodologies with newbies. Mobile hacking, particularly focused on the iPhone, also figured heavily in discussions.

"Studying hacker forums is important to providing insights into hacker psychology and technical strategies," explained Imperva CTO Amichai Shulman. "Hacker forums are still not well understood by many in the security community, and we believe that studying and quantifying what happens in these online communities can lead to the development of strategies to combat cybercrime."

Imperva's latest Hacker Intelligence Initiative report, which was published on Monday and billed as its most comprehensive to date, can be found here.

The security outfit is careful to say that while the forum it probed is not itself typical, it does provide valuable clues about what's happening in other less accessible and more hardcore underground forums.

Though there are many forums that are small and solely focused on committing cybercrime, we don’t have access to these. The site we examined is not a hardcore crime site, but it’s not entirely softcore either. New hackers come to this site to learn and on the other hand more experienced hackers teach to gain “street cred” and recognition. In the past, this forum has helped security researchers identify illicit cyber activity. Typically, once hackers have gained enough of a reputation they go to a more hardcore, by-invite-only forum.

Hacking forums continue to the popular hangouts even after incidents where one or two forums have been revealed as being run by hacker turncoats acting as FBI moles or even undercover FBI agents posing as "carders". ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.