Unveiling the Underground: Insights into Cybercrime Forums from Info-Stealer Infections
Unmasking Cybercrime Forums: Insights from Info-Stealer Infections by Hudson Rock
Discoveries and Insights:
Hudson Rock's research yielded several intriguing findings:
Infected Computers and Forum Credentials: Out of the staggering 14.5 million infected computers in Hudson Rock's database, an alarming 120,000 computers were found to have credentials associated with cybercrime forums. This implies that a significant number of hackers themselves have fallen victim to info-stealing malware, exposing their identities.
Unmasking Hackers: The extensive data retrieved from compromised computers includes not only stolen credentials but also additional information like auto-fill data and system details. This wealth of data makes it possible to tie hackers to their real identities through details such as email addresses, usernames, addresses, and IP addresses.
Leading Cybercrime Forums: The infamous "Nulled.to" emerged as the cybercrime forum with the highest number of infected users, totaling over 57,000 compromised accounts. Following closely were "Cracked.io" and "Hackforums.net."
Password Strength Analysis: Hudson Rock's examination of forum users' passwords revealed that "Breached.to" had the strongest passwords, while the Russian site "Rf-cheats.ru" had the weakest. Interestingly, passwords used on cybercrime forums were generally stronger than those used for government websites.
Info-Stealer Infections: The research attributed the majority of info-stealer infections to three main strains: Redline, Raccoon, and Azorult. These malware strains have played a significant role in facilitating cyberattacks, demonstrating their prominence in the cybercriminal landscape.
Geographic Insights: The researchers identified the top five countries with infected computers that had at least one credential linked to a cybercrime forum. Tunisia, Malaysia, Belgium, the Netherlands, and Israel were the leaders in this regard.
Surge in Info-Stealer Infections: Info-stealer infections have witnessed an alarming surge of 6000% since 2018, positioning them as the primary initial attack vector for cybercriminals. These infections serve as gateways to various cyberattacks, including ransomware, data breaches, account takeovers, and corporate espionage.
Conclusion:
Hudson Rock's analysis of cybercrime forums through the lens of info-stealer infections reveals the intricate connections between compromised computers, forum credentials, and the evolving cyberthreat landscape. The research underscores the importance of staying vigilant against the growing menace of cybercrime and highlights the need for robust cybersecurity measures to safeguard individuals, organizations, and sensitive data from falling prey to malicious actors in the dark corners of the internet.