The most discussed topics on hacker forums are SQL Injection and distributed denial-of-service (DDOS) attacks, both occupying 19% of the discussion volume, new research shows.
SQL Injection are a favorite attack vector because security solutions deployed by organizations don’t even know how to identify such attacks, according to a report by security solutions provider Imperva in its 13th Hacker Intelligence Initiative report. The report is the result of analysis of some popular hacker forums, including one considered to be the largest (250,000 members).
Another hot topic among hackers is social networks because these sites are not only an important source of information, but they also provide the means to make a profit, the report said.
Facebook is the most discussed (39%), followed by Twitter (37%), and Myspace (15%). Google+ and LinkedIn show up in only 5%, respectively 4%, of the social media-related threads.
The practice of selling adult content has also become highly popular, over 13,000 threads uncovered in one forum alone. The cyber criminals pose as females and offer adult pictures of themselves in exchange for certain amounts of money.
The figures from the study show a large majority of threads focus on beginner hacking, tools, website and forum hacking, tutorials, and botnets.
Hacker forums also end up as a job posting site. In once case, a thread called “Are you good with SQLi and want to make $600 in a couple of days?!?” offers “a LOT of money via LibertyReserve” to anyone willing to work for 20 minutes each day.
“By examining what information hackers seek out or share in these forums, we can better understand where they are focusing their efforts. If organizations neglect SQL injection security, we believe that hackers will place more focus on those attacks,” said Amichai Shulman, CTO of Imperva.