Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Imperva’s Latest Report Looks Inside Hacker Forums

Security firm Imperva has published its hacker intelligence report for October, which is the company’s second report focusing on the activity of one of the Web’s largest hacking forums. In addition to training resources, such as tutorials and scripts, Imperva also detected a market for social networking fraud.

“By examining what information hackers seek out or share in these forums, we can better understand where they are focusing their efforts,” said Amichai Shulman, Imperva’s CTO.

Security firm Imperva has published its hacker intelligence report for October, which is the company’s second report focusing on the activity of one of the Web’s largest hacking forums. In addition to training resources, such as tutorials and scripts, Imperva also detected a market for social networking fraud.

“By examining what information hackers seek out or share in these forums, we can better understand where they are focusing their efforts,” said Amichai Shulman, Imperva’s CTO.

Not surprising, hot topics being discussed included DDoS and SQL Injection attacks. According to Imperva’s analysis, DDoS (19%) and SQL injection (19%) were the most frequently discussed attack methods. Training was another hot topic, as education accounted for nearly a third of the discussions. Of the total conversations analyzed, roughly 28% were related to beginner hacking and hacker training, while another five percent related to hacking tutorials.

When it comes to sales and marketing, the forum had a booming economy focuses on social media fraud. There were several accounts buying and selling ‘Likes’ on Facebook for posts and pages, as well as followers on Twitter. The services separated themselves from the competition by pitching accounts that “look real” or have “legit bios.”

For example, one account was offering 200,000 Twitter followers for as little as $140 via PayPal, which were a mix of “real and fake accounts, all with avatars!”

Other services were offing Facebook “Likes,” where as little as $4 would earn 100 of them; or $100 would earn 5,000. Again, the seller noted that all accounts that liked the page or post would look “real and legit.”

“Consumers and enterprises that use social media need to better recognize the security risks posed by these platforms. While privacy concerns often get most of the headlines, security should be just as much of a concern. Hackers have developed a profitable industry, using services and tools to hijack accounts, dupe users, and spread malware,” the report notes.

The full Hacker Intelligence report is available here in PDF format. 

Advertisement. Scroll to continue reading.

RelatedHere’s What $50 Can Get You In The Cybercrime Underground

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.