Imperva analysed a hacker forum, finding users chat most about DDoS attacks, tutorials and recruitment
Hackers are often perceived as isolated, alienated individuals, working alone or in small groups. In reality, hackers are quite social, frequenting online forums and chat rooms to brag about their exploits, exchange tips and share knowledge, according to a recent analysis of hacker activity.
Online forums are critical to the hacking community, and are used by hackers and criminals to learn, communicate and collaborate with other like-minded individuals, according to the State of Hacker Forums report released by Imperva. The forums are generally not easily discoverable or accessible to everyone, but interested newbies will find plenty of resources and support to get started, Imperva said.
Collaboration And Recruitment
The underground forums provide ways for the community to communicate and collaborate with each other, recruit new talent as well as buy and sell stolen data and tools. Imperva noted that the exact number of forums devoted to hacker activity is unknown, but some are quite large. Others are smaller and quite exclusive, requiring permission from an existing member to join. Imperva used content-analysis tools to search and analyse chats by topic using keywords as part of a year-long observation.
The report took an in-depth look at the content and activities of one of the forums that boasts about 250,000 members. Members spent about 25 percent of their time in forums offering others beginner tips, Imperva found. Members rely on forums to share the latest techniques and learn new tricks. About 22 percent of the tutorial-style discussions were related to hacking tools and programs while 21 percent focused on how to hack Websites and forums.
“Hackers devote most of their time, 25 percent, towards discussing beginning hacking. The strongest category, with nearly 25 percent of discussions, was on hacking tutorials. This means there’s a strong, steady interest in content to learn hacking, ensuring a steady supply of new talent,” the report noted.
Imperva noted that the study was not a comprehensive survey of all hacker forums but just a snapshot of one such forum.
While a lot of the training that happens on the forums happens to be technical in nature, Imperva researchers found that the community shared tips on social engineering, such as ways victims can be manipulated into revealing log-in credentials or performing other tasks. Tutorials were also available on how to evade detection by law enforcement.
Imperva discovered that there was the “most chatter” on how to launch distributed denial of service (DDoS) attacks, or about 22 percent of all discussions, Rob Rachwald, director of security strategy at Imperva, told eWEEK last month. “DDoS got the gold medal,” he said, adding that SQL injection was the second most frequently mentioned attack vector, accounting for 19 percent of all discussions. Spam, zero-day vulnerabilities, brute-force attacks and shell code were also commonly discussed.
DDoS exploits were quite frequently the first attempt by new attackers as they develop their skills, thanks to the variety of simple point-and-shoot tools available.
Attack discussions have grown 157 percent over the past four years, with a lot of interest in mobile hacking, especially the iPhone.
Members also offered stolen data, such as credit card data, accompanied by dates of birth and other personal information, for sale on the forums. Imperva researchers found Visa numbers for United States customers were priced at about $2 (£1.27), while Discover cards were being sold for $6 (£3.8). American Express card details from the European Union were available for as high as $8 (£5) each, Imperva found.