Eavesdropping on Hacking Site

Tuesday, October 18, 2011 @ 03:10 PM gHale

It seems a bit oxymoronic, but the good guys can learn quite a bit from reading over an online hacker forum with nearly 220,000 registered members.

Hackers use this forum for training, communications, collaboration, recruitment, commerce and even social interaction, according to a report from Imperva. This forum also serves as a marketplace for selling of stolen data and attack software.

RELATED STORIES
Open Source WineHQ Breached
Two Groups Join in RSA Attack
Cyber Threats Forecast for 2012
Firms Hacked and Don’t Know It

The chat room discussions range from technical subjects like advice on attack planning to solicitations for help with specific campaigns. This forum is also a place where beginners can find “how-to-hack” tutorials on various methods, according to the report.

The report not only provides insight into hacker psychology, but also details the technical strategies they learn, develop and deploy.

“Studying hacker forums is important to providing insights into hacker psychology and technical strategies,” said Imperva Chief Technology Officer Amichai Shulman. “Hacker forums are still not well understood by many in the security community, and we believe that studying and quantifying what happens in these online communities can lead to the development of strategies to combat cybercrime.”

Findings include:
• Examples of hacker communications, collaboration, recruitment, commerce and social interaction activities.
• Attack discussions on this forum increased over the four-year period of analysis, growing an average of 157% year over year between 2007 and 2010.
• The most discussed topics in this forum from June 2010 to June 2011 were Dos/DDoS attacks, with 22% of discussions, followed by SQL injections, which comprised 19% of all discussions.
• 25% of discussions from June 2010 to June 2011 focused on “beginning” hacking, with members devoting 6% of their time sharing “how-to” tutorials and discussing basic methodologies, indicating a strong, steady interest from new talent.
• Mobile hacking has seen very strong growth in this forum from 2007 to 2010, with iPhone hacking leading the way.

Click here to read the complete report.