Black Hat Wannabes Get Training on Underground Hacker Forums

Anthony Freed
By | November 08, 2012

Posted in: Network Security Trends

Interested in advanced training opportunities so you can stop just wanting to be a Black Hat and finally turn your skills into a full-time criminal operation? Underground forums are providing education on how to become a better, and more malicious, attacker. Researchers combed one of the largest known hacker forums plus a few smaller ones and discovered that nearly one-third of all the discussion threads were dedicated to hacker training, relaying tips and tricks of the trade for those seeking to sharpen their skills and build some street cred.

Researchers from security provider Imperva presented their findings in a report titled Monitoring Hacker Forums after having analyzed discussions in 18 hacker-oriented forums, the largest of which boasting some 250,000 members, and discovered some potentially useful trends that can be applied to help security professionals and the organizations they serve better protect against malicious actors.

Of note in the report is the high level of attention given to the subject of exploiting social networks for financial or tactical reasons, and the report highlights that "a black market for buying and selling illegitimate social network likes, followers, and endorsements" is thriving. Discussions involving Facebook took the lead at 39 percent, followed closely by mentions of Twitter at 37 percent, according to the report.

"Hacking an account doesn’t have to be done by technically exploiting a vulnerability in the application, and this does not necessarily require coding experience. Easier ways involve social engineering methods, in which the attacker manipulates the victim into giving away his credentials, thus providing the attacker with all he needs to break into the account," the report states.

The research also revealed that more than one-third of the forum discussions analyzed were dedicated to the use of different hacking tools and programs available in the marketplace, and to the subject of hacking websites.

The most popular methodologies being discussed on these forums are distributed denial of service (DDoS) and SQL injection attacks, each garnering nearly one-fifth of all the attack-oriented conversations analyzed, followed by the use of shell codes, spamming, cross-site scripting (XSS) techniques, brute-force attacks, and HTML injections.

The research team believes data such as this regarding attack methodologies should be an indication of where organizations should be focusing their efforts and security budgets. The report points out that Gartner's Forecast: Security Infrastructure Worldwide 2Q12 Update estimated that while some $25 billion was committed to securing critical networks in 2011, only about 5% of that spending was directed at mitigating mitigate SQL injection attacks.

"By examining what information hackers seek out or share in these forums, we can better understand where they are focusing their efforts. If organizations neglect SQL injection security, we believe that hackers will place more focus on those attacks," Imperva CTO Amichai Shulman said in a press release.

You May Also Be Interested In: