On the internet if you search you will find several hacking forums which are not famous for their legal purposes. What are these and what are their users talking about?
What are Hacking Forums?
Forums are generally a website that contains topic boards, in which registered users discuss and exchange ideas and knowledge. This is the general definition of a forum. But forums are essential tools and just as a knife can operate on a patient at the hands of a doctor, it can also kill at the hands of a criminal.
So there are forums where discussion topics are not so legal. In these forums, users talk about various topics, such as piracy, selling stolen data, offering services to other users, tips on how to avoid detection by the police or just technical questions and answers.
The majority of users use these forums in the beginning for knowledge but as they realize that there is money behind the illegality, they continue to solve their financial problems. So you will see many kinds of people in these discussions. Users who are interested in knowledge, revenge, curiosity, to spend their time, to gain power, etc. But you will see something else: Sellers and customers.
The most popular hacking forums are Hell Bound Hackers (HBH), Hack Forums and Cracked. It was also Raidforums until in April 2022 the authorities closed it and arrested its administrator. Let's see what happens to them:
Hack Forums
Hack Forums (hackforums.net) is used by many in an effort to learn the art of hacking, and less so for posting stolen data like some others. Its users tend to be new to the experience, curious about hacking and what they can do about it.
They often seek guidance from those who claim to be more experienced. Hack Forums has a reputation for being impenetrable to the unregistered, but also as a haven for trolls and brazen criminal activity.
What they talk about most in Hack Forums. Check out the FAQ:
How to gain unauthorized access to a computer network?
Many users who are new to hacking ask the most advanced hackers basic questions about how to hack into computer networks. You will see this question written many times.
This reveals that many people around the world are motivated to engage in cybercrime because they have heard it is profitable or think it would be interesting, but do not have the ability or motivation to learn on their own and rely on others for provide them with easy-to-use software or services.
This results in a thriving economy based on underground services. Vendors offer malware as a service, phishing packages and e-hosting services, malware for stealing keys and passwords, infringing on companies' remote desktops (RDPs), email addresses with passwords and passwords created from previous breaches, software programs that make it easy to quickly access passwords on many websites and many other solutions, turnkey for would-be cyber criminals.
When eager and reckless hacking newcomers buy access to powerful tools and services, the threat to businesses is increasing, but at the same time, studying the attack patterns associated with these criminal services and tools can lead to better detection and defense.
Is hacking legal?
And this question is often asked by new forum members and they receive a variety of answers from the most experienced users. Some say that piracy that gives unauthorized access to a network or computer system is illegal, but the forum helps users understand cyber security laws.
Others describe hacking in general as part of IT and point out that it is a multifaceted discipline that covers a wide range of topics. Others define hacking as a way to show companies that they lack security and may teach them with a difficult lesson that they need to focus more on security to protect their customers.
What tools are used to target networks?
The majority of users have figured out how to gather information about the networks of the target companies, using basic system tools such as Netstat, Tracert, Ping, Nslookup, Telnet and more. Online services that provide scanned data, such as shodan.io, binaryedge.io and others are also often used to detect exposed services in a range of IP addresses.
Most discussions suggest finding remote target access, such as SSH, RDP, Telnet, or FTP, and then launching attacks with brute-force method.
More advanced intruders scan vulnerable servers that have not been repaired and can be exploited. One thing that is clear from the discussions in the forum is that, zero-day exploits that really work are very rare, sold for very high sums of money, and are usually only offered in private sales.
The most widely used farms are vulnerabilities that have been fixed for some time, targeting companies that are not interested in implementing security updates.
Hellbound Hackers (HBH)
Hellbound Hackers (hbh.sh) is another site that seeks to educate those who are new to the world of illegal internet activity. What you will find when you visit this site is many users giving descriptions of different attack methods or tools that can be used to carry out attacks.
Although not all could be considered harmful, educating would-be hackers could well lead to harmful activity and thus this site could be considered dangerous.
A user on HBH has posted what he thinks are the most useful and common ways to "hack a website". Each of the methods includes e.gterms or websites you can visit to learn how to carry out the attacks.
Although there is a lot of misinformation in the post, it can entice those who are still learning, to look more closely at the methods, leading to more efforts and opportunities to make successful penetrations in the future.
Cracked
Cracked (cracked.io) is another site used to distribute or sell stolen data obtained through illegal activities.
Although the forum is advertised as a source learnings for penetration testing, forum users asked for help by sending mass emails to bank employees and said they would pay someone in bitcoin to do the job for them.
Other forum members were asking for advice on committing refund fraud to stores and the site advertises software that uses large lists of passwords to break into other people's email accounts.
Retail companies that offer incentives to their big customers, such as reward codes or cash vouchers, often show these coupons being sold on Cracked.
Raidforums
Raidforums (raidforums.com) is now closed by the FBI, but it's worth a mention. It was the largest hacking forum and a market for leaks.
With more than 445.000 registered users, they were discussing where to find available resources on the Dark Web (since Google and Bing search engines do not index sites on the Dark Web), or posting stolen data and leaks from sites for sale, or as a threat to pay the ransom.
In conclusion
Let's be absolutely clear: hacking into computers, networks, email accounts, websites or any other system that belongs to someone else, without their express permission, is illegal and erroneous, regardless of the motives of the attacker.
IGuRu does not approve of the use of piracy for criminal activities. Instead, we encourage individuals who want to learn or improve their offensive security skills to seek out resources and channels of communication in Information Security communities where criminal activity is unacceptable.
For security professionals, it is important to pay attention to the discussions that take place in these forums. Knowing what hacking tools are for sale and how they work can help them build defenses.
Tracking the sale of stolen passwords and databases can provide an early warning that a company's data has been stolen and will soon be used for fraud if someone buys it.
