Imperva researchers analyzed the activities of a large hacker forum for a year and found that members are discussing distributed denial of service attacks and providing tutorials.
Hackers are often perceived
as isolated, alienated individuals, working alone or in small groups. In
reality, hackers are quite social, frequenting online forums and chat rooms to
brag about their exploits, exchange tips and share knowledge, according to a
recent analysis of hacker activity.
Online forums are critical
to the hacking community, and are used by hackers and criminals to learn,
communicate and collaborate with other like-minded individuals, according to
the "State of Hacker Forums" report released by Imperva Oct. 17. The
forums are generally not easily discoverable or accessible to everyone, but
interested newbies will find plenty of resources and support to get started,
The underground forums
provide ways for the community to communicate and collaborate with each other,
recruit new talent as well as buy and sell stolen data and tools. Imperva noted
that the exact number of forums devoted to hacker activity is unknown, but some
are quite large. Others are smaller and quite exclusive, requiring permission
from an existing member to join. Imperva used content-analysis tools to search
and analyze chats by topic using keywords as part of a year-long observation.
"Studying hacker forums
is essential to providing critical insights into hacker psychology and
technical strategies," said Imperva CTO Amichai Shulman.
The report took an in-depth
look at the content and activities of one of the forums that boasts about 250,000
members. Members spent about 25 percent of their time in forums offering others
beginner tips, Imperva found. Members rely on forums to share the latest
techniques and learn new tricks. About 22 percent of the tutorial-style
discussions were related to hacking tools and programs while 21 percent focused
on how to hack Websites and forums.
"Hackers devote most of
their time, 25 percent, towards discussing beginning hacking. The strongest
category, with nearly 25 percent of discussions, was on hacking tutorials. This
means there's a strong, steady interest in content to learn hacking, ensuring a
steady supply of new talent," the report noted.
Imperva noted that the study
was not a comprehensive survey of all hacker forums but just a snapshot of one
While a lot of the training
that happens on the forums happens to be technical in nature, Imperva
researchers found that the community shared tips on social engineering, such as
ways victims can be manipulated into revealing log-in credentials or performing
other tasks. Tutorials were also available on how to evade detection by law
Imperva discovered that
there was the "most chatter" on how to launch
distributed denial of service (DDoS) attacks
, or about 22 percent of all
discussions, Rob Rachwald, director of security strategy at Imperva, told eWEEK
last month. "DDoS got the
gold medal," he said, adding that SQL injection was the second most
frequently mentioned attack vector, accounting for 19 percent of all
discussions. Spam, zero-day vulnerabilities, brute-force attacks and shell code
were also commonly discussed.
DDoS exploits were quite
frequently the first attempt by new attackers as they develop their skills, thanks
to the variety of simple point-and-shoot tools available.
Attack discussions have
grown 157 percent over the past four years, with a lot of interest in mobile
hacking, especially the iPhone.
Members also offered stolen
data, such as credit card data, accompanied by dates of birth and other
personal information, for sale on the forums. Imperva researchers found Visa
numbers for United States customers were priced at about $2, while Discover
cards were being sold for $6. American Express cards from the European Union
were available for as high as $8 a number, Imperva found.