Cheaters steal cheaters: what's going on in the underground forums?

Hackers and cybercriminals often gather in "underground" forums to buy exploits, or to cooperate with each other.

hacker

They can advertise upcoming projects they need help with, sell stolen databases ς πρόσβασης και πληροφορίες πιστωτικών καρτών ή να διαφημίσουν exploits για νέα κενά σημεία ασφαλείας που μπορούν να χρησιμοποιηθούν για να εισβάλουν σε or computer systems.

However, these deals often don't always go according to plan.

New research, published today by security firm Sophos, examines these failed transactions and the complaints made by members of these forums.

"Scammers are scamming scammers on illegal forums and the amounts are much higher than we first thought," says Matt Wixey, a researcher at Sophos X Ops who studied illegal markets.

Wixey examined three of the most important illegal forums: the Russian-speaking ones and XSS, as well as the English-language BreachForums, which it replaced RaidForums when it was seized by US law enforcement in April.

While the sites operate in slightly different ways, they all have “arbitration rooms” where their members can complain if they believe they have been cheated or wronged by others.

For example, if someone buys malware and it doesn't work, they can complain to the site administrators.

Complaints can sometimes help get their money back, but more often they act as a warning to other users, Wixey says.

In the last 12 months – the period covered by the investigation – criminals on these forums lost more than $2,5 million to other scammers, according to the of research.

There are some who complain about as little as $2, while the average scam on each of the sites ranges from $200 to $600, according to the research, which will be presented at security conference BlackHat Europe.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.
sophos, blackhat, forum

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).