Social networks continuing to help cyber-crime thrive

Social networks are providing a popular platform for a hacker-driven underground economy says US security firm Imperva, in its ‘Monitoring Hacker Forums’ report analysing the latest trends among cyber-criminals.

In an attempt to get under the bonnet of the security landscape, Imperva investigated prominent hacker forums, including a site with around 250,000 members, to understand the preferred threats and methods currently being adopted by cyber-criminals. In addition to finding how frequently social networks were brought up in discussion, researchers noted that SQL injections are now ranking alongside DDoS attacks as the most talked about methods of compromise.

Facebook’s extraordinary 1 billion-strong user base makes it the most heavily discussed social network within the hacker community, with 39 per cent of forum threads mentioning the site, while Twitter – which played a host to a recent malware campaign – followed closely behind with 37 per cent. These platforms are typically used as a black market for buying and selling illegitimate ‘likes’ and ‘follows’ says Imperva, supporting recent findings uncovered by Barracuda Labs.

Imperva also reports that ‘E-whoring’ is becoming one of the most common methods for beginner cyber criminals to make easy money, as users masquerade behind fake personas, usually female, to sell pornographic content. More than 13,000 threads on E-whoring were found on one forum alone.

Delving into attack methods, Imperva’s research provided more evidence that simple data-flooding DDoS campaigns are most popular, with 20 per cent of threads discussing these attacks. But focus on SQL injections has risen with the method charting as the second most discussed among hackers, followed by shell code, spam, and brute-force attacks.

“By examining what information hackers seek out or share in these forums, we can better understand where they are focusing their efforts,” said Amichai Shulman, CTO of Imperva. “If organisations neglect SQL injection security, we believe that hackers will place more focus on those attacks.”