Exploring malicious hacker forums

Abstract

For consumers the increasingly widespread consumer-grade connected ("smart") devices; growing use of cloud-storage and globally still expanding use of Internet and mobile phones; mobile payment options will pose increasing risk of becoming a victim of cyber-attack. For companies and institutions of all kinds, matters regarding the protection of Intellectual Property (IP) and Personally Identifiable Information (PII) from cyber-breaches and -leaks will demand higher financial investment. With the discovery of Stuxnet, offensive and defensive cyber-capabilities have already become an acknowledged tool in military arsenals worldwide and are at the cusp of shifting the global landscape of military power. With the expanding yield of cyber-related activities, understanding the actors creating, manipulating, and distributing malicious code becomes a paramount task. In this chapter we report on the results of an exploration of black hat hacker forums on both the Internet and crypto-networks (in particular those accessed via the Tor-browser). We report on the structure, content, and standards of behavior within these forums. Throughout we highlight how these activity augment the activities of the black hat hackers who participate.