How do experienced attackers manage to fall into their own trap?
Researchers from the company Hudson Rock found that hackers ' accounts are massively leaking into the public domain. After analyzing dozens of leaks and leaked databases, experts found that about 120 thousand compromised systems contained credentials for cybercrime forums, that is, they belonged to hackers.
Cyber bandits often accidentally infected their own computers with malware designed to attack other people, causing their usernames and passwords to be stolen by other attackers.
In addition, would-be criminals often downloaded malicious software and various malicious software constructors with built-in infostilers from various forums, and therefore also became victims of other hackers.
Many hacking tools are initially identified as malicious by most antivirus software. Based on this, many cybercriminals, both beginners and experienced, either simply ignore the warnings of the antivirus, or disable/delete it altogether, so that it does not accidentally delete the files they need.
The authority of the source from which digital villains download certain tools usually outweighs the warnings of security software. Attackers blindly believe that the file they need simply cannot contain hidden malicious software, if it is, for example, downloaded from a popular cybercrime forum.
Be that as it may, analysis of the data leaked to the network by Hudson Rock specialists showed that passwords for logging in to hacker forums were often much more complex than for government sites. But even among hackers, there were those who used very simple combinations.
According to experts, the main reason for the leaks were only three popular malware: RedLine, Racoon and Azorult. These ransomware programs purposefully search victims ' computers for passwords and other sensitive information. Especially often they attack browsers that store saved passwords and data for auto-completion.
Hudson Rock researchers collected stolen data from public leaks and directly from hackers distributing malware. This allowed them to build a large-scale picture of the compromised accounts and discover some interesting details.
In particular, it was found that more than 57 thousand users had accounts on the popular hacker forum Nulled. The top three also included the Cracked forum with 19 thousand merged posts, as well as Hackforums with 13 thousand profiles.
TOP 10 hacker forums by the number of merged accounts
Passwords on BreachForums, one of the once most popular underground forums, turned out to be quite reliable: more than 40% consisted of 10 or more characters, including numbers, letters, and special characters. However, there were also very weak passwords like a simple sequence of numbers.
Last month, Hudson Rock specialists already talked about a well-known hacker in cybercrime circles under the pseudonym "La_Citrix", who accidentally became infected with his own infostiler and sold a database with his personal information to the network. Then the researchers managed to quickly identify the identity of the attacker and report him to law enforcement agencies.
Stories like this show that even experienced hackers can suddenly become victims if they aren't careful enough. Hudson Rock experts urge all users, including IT professionals, to use strong passwords and antivirus programs (and not ignore their warnings) to avoid personal data leakage.
Researchers from the company Hudson Rock found that hackers ' accounts are massively leaking into the public domain. After analyzing dozens of leaks and leaked databases, experts found that about 120 thousand compromised systems contained credentials for cybercrime forums, that is, they belonged to hackers.
Cyber bandits often accidentally infected their own computers with malware designed to attack other people, causing their usernames and passwords to be stolen by other attackers.
In addition, would-be criminals often downloaded malicious software and various malicious software constructors with built-in infostilers from various forums, and therefore also became victims of other hackers.
Many hacking tools are initially identified as malicious by most antivirus software. Based on this, many cybercriminals, both beginners and experienced, either simply ignore the warnings of the antivirus, or disable/delete it altogether, so that it does not accidentally delete the files they need.
The authority of the source from which digital villains download certain tools usually outweighs the warnings of security software. Attackers blindly believe that the file they need simply cannot contain hidden malicious software, if it is, for example, downloaded from a popular cybercrime forum.
Be that as it may, analysis of the data leaked to the network by Hudson Rock specialists showed that passwords for logging in to hacker forums were often much more complex than for government sites. But even among hackers, there were those who used very simple combinations.
According to experts, the main reason for the leaks were only three popular malware: RedLine, Racoon and Azorult. These ransomware programs purposefully search victims ' computers for passwords and other sensitive information. Especially often they attack browsers that store saved passwords and data for auto-completion.
Hudson Rock researchers collected stolen data from public leaks and directly from hackers distributing malware. This allowed them to build a large-scale picture of the compromised accounts and discover some interesting details.
In particular, it was found that more than 57 thousand users had accounts on the popular hacker forum Nulled. The top three also included the Cracked forum with 19 thousand merged posts, as well as Hackforums with 13 thousand profiles.
TOP 10 hacker forums by the number of merged accounts
Passwords on BreachForums, one of the once most popular underground forums, turned out to be quite reliable: more than 40% consisted of 10 or more characters, including numbers, letters, and special characters. However, there were also very weak passwords like a simple sequence of numbers.
Last month, Hudson Rock specialists already talked about a well-known hacker in cybercrime circles under the pseudonym "La_Citrix", who accidentally became infected with his own infostiler and sold a database with his personal information to the network. Then the researchers managed to quickly identify the identity of the attacker and report him to law enforcement agencies.
Stories like this show that even experienced hackers can suddenly become victims if they aren't careful enough. Hudson Rock experts urge all users, including IT professionals, to use strong passwords and antivirus programs (and not ignore their warnings) to avoid personal data leakage.
