Most hackers actually don’t fit the common stereotype of a hoodie-attired, jobless loner glued to a computer screen for days on end in a quiet basement.
Black hat hackers are, in fact, gainfully employed and not alone. They undoubtedly spend countless hours affixed to a laptop – and probably in a basement – but many work for cybercriminal outfits and collectively share the tricks of their trade on web forums and communities. There, they offer details of their recent hacks and the tools they used. They also sell stolen data and other ill-gotten gains. Hiding behind contrived usernames, hackers depend on these forums to make a living. Theirs is a profession, and communities are their job markets.
With this blog post – the last in a three-part series reviewing the tools, services and forums of hackers – we’ll take a look at some of popular Dark Web communities (and a few that are on the open net). Why? Because we find it interesting and the resources available to hackers should be exposed as much as possible in the fight against cybercrimes that can cripple your business and make for bragging fodder on these underground sites.
With an estimated 240,000 users, AlphaBay Market is considered to be one of the largest and longest-running Dark Web sites. Stolen Uber accounts were offered for as low as $1 each on the site in 2015, and it was the landing place for stolen data from the 157,000 personal accounts administered by the U.K. telecommunications giant TalkTalk.
This online forum, which is accessible to the general public on the World Wide Web, makes it clear that any discussion on black hat hacking activities – including phishing, identity theft and ransomware – is prohibited. Nonetheless, HackForums offers page upon page, and thread upon thread, on how to hack wireless networks, instant messaging systems and all kinds of electronics. With dozens of tutorials and near-endless commentary by hackers, this site is a genuine repository for all things hacking.
One of the most popular hacking forums, Hell was temporarily shut down in 2015 after its administrator was rumored to have been arrested. It gained notoriety that same year when a hacker used the platform to dump the personal details of 4 million users of the site Adult Friend Finder. Hell is accessible only through Tor, a Dark Web network.
Ostensibly created to be a resource for research, LeakedSource is turning out to be a training ground for hackers. Found on the “clear Web,” this service allows people to see if they’ve ever been hacked by entering their emails or Web accounts. It claims to have information on 2.2 billion accounts gleaned from searches of Dark Web searches and directly from hackers. For $2 a day, subscribers can enter email addresses, see the accounts they’re associated with, and receive help from LeakedSource in cracking passwords. LeakedSource says it doesn’t condone hacking, but clearly hackers can afford this nominal subscription fee to have a chance of getting access to protected accounts.
This soup-to-nuts resource, like HackForums, shares information and commentary on cybersecurity practices, while simultaneously providing a voice to the hackers that flout cybersecurity. Hackers can go to the “Hacking” category and learn, for example, the latest on keyloggers that record keystrokes in a text file or programs that can scan remote computers for open ports and known exploits. If that’s not enough, they can learn how to use Trojans to access computers, or get tips on how to spoof and change your IP address.
Hacker communities are quite strong on the Dark Web, and even on the clear Web. They are the bond of organized trade – places where black hat professionals can make money after taking advantage of your business. Be cyber vigilant!