
Exploring Malicious Hacker Forums


Abstract

For consumers, increasingly widespread consumer-grade connected (“smart”) devices, the growing use of cloud storage, the still-expanding global use of the Internet and mobile phones, and mobile payment options will pose an increasing risk of becoming a victim of a cyber-attack. For companies and institutions of all kinds, protecting Intellectual Property (IP) and Personally Identifiable Information (PII) from cyber-breaches and leaks will demand higher financial investment. With the discovery of Stuxnet, offensive and defensive cyber-capabilities have already become an acknowledged tool in military arsenals worldwide and are at the cusp of shifting the global landscape of military power. With the expanding yield of cyber-related activities, understanding the actors creating, manipulating, and distributing malicious code becomes a paramount task. In this chapter we report on the results of an exploration of black hat hacker forums on both the Internet and crypto-networks (in particular those accessed via the Tor browser). We report on the structure, content, and standards of behavior within these forums. Throughout, we highlight how these activities augment the activities of the black hat hackers who participate.


Notes

  1. See the Tor Project’s official website (https://www.torproject.org/) and Tor’s “About” page (https://www.torproject.org/about/overview.html.en) for more details.

  2. In English-language forums, PGP encryption is typically encouraged; online communities hosted in other languages (e.g. French and Italian) occasionally suggest the use of GPG (GNU Privacy Guard).

  3. Tails only uses RAM storage space, which is automatically erased after the computer shuts down.

  4. While Jabber allows members to contact each other independently of the forum, ICQ provides (private) chatrooms and access to groups not associated with the forum.

  5. The broadcasting of rules also helps to describe the scope of the forum to the most general audience.

  6. “Operation Security” refers to the protection of personally identifiable information recommended for everyone on the Darkweb.

  7. The availability of Tor-hosted websites (“uptime”) is much less reliable than that of websites hosted on the surface-layer Internet. Due to the tunneling through multiple nodes, Tor-hosted sites also take longer to load than sites reached over direct connections. To evade monitoring, many administrators migrate between a number of web addresses, though that practice is more common with Darkweb marketplaces.

  8. “Off Topic” sections are often spaces provided both to answer the apparent need of members to sometimes discuss topics unrelated to the forum’s general theme and to maintain the integrity of the other hosted boards.

  9. Oleg Luzyanin, Alexander Andreyev and Renat Irmagombetov were arrested in Moscow for hacking into Russian payment system Rapida in April 2015 (http://rapsinews.com/news/20150417/273569361.html).


Acknowledgements

Some of the authors of this work were supported by the U.S. Department of the Navy, Office of Naval Research, NEPTUNE program as well as the Arizona State University Global Security Initiative (GSI). Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the Office of Naval Research.

Author information


Correspondence to Jana Shakarian.


Copyright information

© 2016 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Shakarian, J., Gunn, A.T., Shakarian, P. (2016). Exploring Malicious Hacker Forums. In: Jajodia, S., Subrahmanian, V., Swarup, V., Wang, C. (eds) Cyber Deception. Springer, Cham. https://doi.org/10.1007/978-3-319-32699-3_11


  • DOI: https://doi.org/10.1007/978-3-319-32699-3_11


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-32697-9

  • Online ISBN: 978-3-319-32699-3

  • eBook Packages: Computer Science, Computer Science (R0)
