On the internet if you search you will find several hacking forums which are not famous for their legal purposes. What are these and what are their users talking about?
What are Hacking Forums?
Τα forums (φόρουμ) γενικότερα είναι ένα on-lineς ιστότοπος που περιέχει πίνακες με θέματα, μέσα στα οποία οι εγγεγραμμένοι χρήστες τους συζητούν και ανταλλάσσουν ιδέες και γνώσεις. Αυτή είναι ο γενικός ορισμός ενός φόρουμ. Όμως, τα φόρουμ είναι ουσιαστικά εργαλεία και όπως ένα μαχαίρι μπορεί να χειρουργήσει ένα ασθενή στα χέρια ενός γιατρού, μπορεί και να σκοτώσει στα χέρια ενός εγκληματία.
So there are forums where discussion topics are not so legal. In these forums users talk about various topics such as piracy, selling stolen data, offering services to other users, giving advice on how to avoid identification by the police or just technical questions and answers.
The majority of users use these forums in the beginning for knowledge but as they realize that there is money behind the illegality, they continue to solve their financial problems. So you will see many kinds of people in these discussions. Users who are interested in knowledge, revenge, curiosity, to spend their time, to gain power, etc. But you will see something else: Sellers and customers.
The most popular hacking forums are Hell Bound Hackers (HBH), Hack Forums and Cracked. It was also Raidforums until in April 2022 the authorities closed it and arrested its administrator. Let's see what happens to them:
Hack Forums (hackforums.net) usesis used by many in an attempt to learn the art of hacking, and less so for posting stolen data like some others. Its users tend to be new to the experience, curious about hacking and what they can do with it.
They often seek guidance from those who claim to be more experienced. Hack Forums has a reputation for being impenetrable to non-registered people, but also as a port for trolls and brazen criminal activities.
What they talk about most in Hack Forums. Check out the FAQ:
How to gain unauthorized access to a computer network?
Many users who are new to hacking ask the most advanced hackers basic questions about how to hack into computer networks. You will see this question written many times.
This reveals that many people around the world are motivated to engage in cybercrime because they have heard it is profitable or think it would be interesting, but do not have the ability or motivation to learn on their own and rely on others for provide them with easy-to-use software or services.
This results in a thriving economy based on underground services. Vendors offer malware as a service, phishing packages and e-hosting services, malware for stealing keys and passwords, infringing on companies' remote desktops (RDPs), email addresses with passwords and passwords created from previous breaches, software programs that make it easy to quickly access passwords on many websites and many other solutions, turnkey for would-be cyber criminals.
When eager and reckless hacking newcomers buy access to powerful tools and services, the threat to businesses is increasing, but at the same time, studying the attack patterns associated with these criminal services and tools can lead to better detection and defense.
Is hacking legal?
And this question is often asked by new forum members and they receive a variety of answers from the most experienced users. Some say that piracy that gives unauthorized access to a network or computer system is illegal, but the forum helps users understand cyber security laws.
Others describe hacking in general as part of IT and point out that it is a multifaceted discipline that covers a wide range of topics. Others define hacking as a way to show companies that they lack security and may teach them with a difficult lesson that they need to focus more on security to protect their customers.
What tools are used to target networks?
The majority of users have figured out how to gather information about the networks of the target companies, using basic system tools such as Netstat, Tracert, Ping, Nslookup, Telnet and more. Online services that provide scanned data, such as shodan.io, binaryedge.io and others are also often used to detect exposed services in a range of IP addresses.
More advanced intruders scan vulnerable servers that have not been repaired and can be exploited. One thing that is clear from the discussions in the forum is that, zero-day exploits that really work are very rare, sold for very high sums of money, and are usually only offered in private sales.
The most widely used farms are vulnerabilities that have been fixed for some time, targeting companies that are not interested in implementing security updates.
Hellbound Hackers (HBH)
Hellbound Hackers (hbh.sh) is another site that seeks to educate those who are new to the world of illegal internet activity. What you will find when you visit this site is many users giving descriptions of different attack methods or tools that can be used to carry out attacks.
Although not all could be considered harmful, educating would-be hackers could well lead to harmful activity and thus this site could be considered dangerous.
A user at HBH has posted what he thinks are the most useful and common ways to "hack a site". Each of these methods includes resources or websites that you can visit to learn how to carry out attacks.
Although there is a lot of misinformation in the post, it can entice those who are still learning, to look more closely at the methods, leading to more efforts and opportunities to make successful penetrations in the future.
Cracked (cracked.io) is another site used to distribute or sell stolen data obtained through illegal activities.
Αν και το φόρουμ διαφημίζεται ως πηγή εκμάθησης για δοκιμές διείσδυσης, χρήστες του φόρουμ ζήτησαν βοήθεια με την αποστολή μαζικών email στους υπαλλήλους τραπεζών και είπαν ότι θα πλήρωναν κάποιον σε bitcoin για να τους κάνει την δουλειά.
Other members of the forum have been asking for tips on committing money back fraud in stores, and the site is advertising software that uses large lists of passwords to hack into other people's email accounts.
Retail companies that offer incentives to their big customers, such as reward codes or cash vouchers, often show these coupons being sold on Cracked.
Raidforums (raidforums.com) is now closed by the FBI, but it's worth a mention. It was the largest hacking forum and a market for leaks.
With over 445.000 registered users, they were discussing where to find resources available on the Dark Web (since the search engines Google and Bing do not index websites on the Dark Web), or publish stolen data and "leaks" from websites, either for sale or as a threat to pay a ransom.
Let's be absolutely clear: hacking into computers, networks, email accounts, websites or any other system that belongs to someone else, without their express permission, is illegal and erroneous, regardless of the motives of the attacker.
IGuRu does not approve of the use of piracy for criminal activities. Instead, we encourage individuals who want to learn or improve their offensive security skills to seek out resources and channels of communication in Information Security communities where criminal activity is unacceptable.
For security professionals, it is important to pay attention to the discussions that take place in these forums. Knowing what hacking tools are for sale and how they work can help them build defenses.
Tracking the sale of stolen passwords and databases can provide an early warning that a company's data has been stolen and will soon be used for fraud if someone buys it.