sb-au logo
Story image

High demand for hackers on the dark web

There is high demand for hackers on the dark web, according to new research from Positive Technologies.

Positive Technologies experts analysed the ten most active forums on the dark web, which offer services for hacking websites, buying and selling databases, and accessing web resources. The research found that in the vast majority of cases on these forums, most individuals are looking for a hacker, and in 7 out of 10 ads, their main goal is to gain access to a web resource.

The research discovered that in 90% of cases, users of dark web forums will search for a hacker who can provide them with access to a particular resource or who can download a user database. Only 7% of forum messages analysed included individuals offering to hack websites[. The remaining 3% of the messages analysed were aimed at promoting hacking tools, programmes and finding like-minded people to share hacking experience.

"Since March 2020, we have noticed a surge of interest in website hacking, which is seen by the increase in the number of ads on forums on the dark web," says Positive Technologies analyst, Yana Yurakova.

"This may have been caused by an increase in the number of companies available via the internet, which was triggered by the COVID-19 pandemic. 

"As a result of this, organisations that previously worked offline were forced to go online in order to maintain their customers and profits, and cybercriminals, naturally, took advantage of this situation."

According to the research, 69% of ad inquiries were related to website hacking, where the main goal was to gain access to a web resource. Not only does this show that attackers can steal sensitive information, but they can also sell access to web applications to so-called fences. 

Inquiries aimed at obtaining user or client databases from a targeted resource ranked second in popularity with 21% of all ads seen. Competitors and spammers who collect lists of addresses for targeted phishing attacks aimed at a specific audience are primarily interested in acquiring this type of information. The research shows that custom databases such as these can cost up to $20,000.

Additionally, people on dark web forums also look for hackers who can place malware on a web resource or ones who can hack a website in order to delete particular data located on it, seen in four percent and three percent of ads respectively.

Among the various options of purchasing and selling hacking services and website access, there is a consistently high demand for access to online store sites, with prices ranging between $50 and $2,000. Experts say this is very popular due to the fact that when paying for goods, users enter their credit card details. Thus, attackers have opportunities to inject malicious JavaScript code into these websites to intercept the information entered by the user and use it for their personal gain. 

Another way attackers cash in on users is by obtaining privileged access to online stores, which then allows them to place orders using other people's payment cards, or not pay at all.

Positive Technologies Senior Information Security Analyst, Vadim Solovyov explains, "Insufficient web application security and the ability of criminals to easily find an experienced hacker or a ready-made tool for hacking a web resource pose an undoubted threat to both users and companies. 

"Hacking a company's web applications can lead to global consequences, ranging from data leaks to penetrating the company's local network and using its resources in subsequent attacks," he says.

"When building a security system, we recommend following the principles of a risk-oriented approach, based on an understanding of the magnitude of negative consequences that are acceptable for your company. 

"To protect your company, you should adhere to the principles of secure development and use automated source code analysis tools to search for errors and vulnerabilities," Solovyov says.

"It is essential to regularly evaluate your web application security and to use a web application firewall for proactive protection against attacks."

Story image
Latest Tenable launch provides holistic approach to vulnerability management
Tenable.ep is reportedly the industry’s first, all-in-one, risk-based vulnerability management platform designed to scale as dynamic compute requirements change.More
Story image
ExtraHop reveals methods used by attackers in SUNBURST breach
The network detection and response company says between late March and early October 2020, detections of probable malicious activity increased by approximately 150%, including detections of lateral movement, privilege escalation and command and control beaconing.More
Story image
Cyber-pandemic: The most notable cyber attacks of 2020
2020 and the COVID-19 pandemic saw employees move to remote working, keeping IT professionals on high alert for cyberattacks. More
Story image
Investing in digital trust for the post-pandemic business landscape
Business leaders in 2021 need to make sustainable investments to give their organisations a much-needed resilience boost to tackle new disruptions, while still enabling growth.More
Story image
Quantum extends Veeam partnership in a bid to protect against ransomware
“Quantum continues to expand its partnership with us and we are pleased to add ActiveScale object storage to a select group of S3 targets that can provide robust ransomware protection for our joint customers."More
Story image
Cyber-risk to critical infrastructure reaches all-time high — report
New research from Nozomi Networks Labs found that attackers are doubling down on high-value targets and weaponising the software supply chain.More