Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Imperva’s Latest Report Looks Inside Hacker Forums

Security firm Imperva has published its hacker intelligence report for October, which is the company’s second report focusing on the activity of one of the Web’s largest hacking forums. In addition to training resources, such as tutorials and scripts, Imperva also detected a market for social networking fraud.

“By examining what information hackers seek out or share in these forums, we can better understand where they are focusing their efforts,” said Amichai Shulman, Imperva’s CTO.

Security firm Imperva has published its hacker intelligence report for October, which is the company’s second report focusing on the activity of one of the Web’s largest hacking forums. In addition to training resources, such as tutorials and scripts, Imperva also detected a market for social networking fraud.

“By examining what information hackers seek out or share in these forums, we can better understand where they are focusing their efforts,” said Amichai Shulman, Imperva’s CTO.

Not surprising, hot topics being discussed included DDoS and SQL Injection attacks. According to Imperva’s analysis, DDoS (19%) and SQL injection (19%) were the most frequently discussed attack methods. Training was another hot topic, as education accounted for nearly a third of the discussions. Of the total conversations analyzed, roughly 28% were related to beginner hacking and hacker training, while another five percent related to hacking tutorials.

When it comes to sales and marketing, the forum had a booming economy focuses on social media fraud. There were several accounts buying and selling ‘Likes’ on Facebook for posts and pages, as well as followers on Twitter. The services separated themselves from the competition by pitching accounts that “look real” or have “legit bios.”

For example, one account was offering 200,000 Twitter followers for as little as $140 via PayPal, which were a mix of “real and fake accounts, all with avatars!”

Other services were offing Facebook “Likes,” where as little as $4 would earn 100 of them; or $100 would earn 5,000. Again, the seller noted that all accounts that liked the page or post would look “real and legit.”

“Consumers and enterprises that use social media need to better recognize the security risks posed by these platforms. While privacy concerns often get most of the headlines, security should be just as much of a concern. Hackers have developed a profitable industry, using services and tools to hijack accounts, dupe users, and spread malware,” the report notes.

The full Hacker Intelligence report is available here in PDF format. 

RelatedHere’s What $50 Can Get You In The Cybercrime Underground

Written By

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.