Hack Forums
Hack Forums (often shortened to 'HF') is an internet forum.[1][2] The website ranks as the number one website in the "Hacking" category in terms of web-traffic by the analysis company Alexa Internet.[3] The site has been widely reported as facilitating criminal activity[4][5][6][7], such as the case of Zachary Shames, who in 2013 sold a keylogger which was used to steal personal information.[8]
Type of site | Forum |
---|---|
URL | https://hackforums.net |
Alexa rank | |
Commercial | Yes |
Registration | Required to access features |
Current status | Active |
Security breaches
In June 2011, the hacktivist group LulzSec, as part of a campaign titled "50 days of lulz", breached Hack Forums and released the data they obtained. The leaked data included credentials and personal information of nearly 200,000 registered users.[9]
On 27 August 2014, Hack Forums was hacked with a defacement message by an Egyptian hacker, using the online handle "Eg-R1z".[10][11]
On 26 July 2016, Hack Forums administrator ("Omniscient") warned its users of a security breach.[12] In an e-mail he suggested users to change their passwords and enable 2FA.[13]
Botnets, arrests and hacking tools
According to a press release[8] from the U.S. Department of Justice, Zachary Shames developed a keylogger in 2013 that allowed users to steal sensitive information, including passwords and banking credentials, from a victim's computer. Shames developed the keylogger known as "Limitless Logger Pro", which was sold for $35 on Hack Forums.[14][15][16]
On 12 August 2013, hackers used SSH brute-force to mass target Linux systems with weak passwords. The tools used by hackers were then later posted on hacking community, called, "Hack Forums".[17]
On 15 May 2014, the FBI targeted customers of a popular Remote Administration Tool (RAT) called 'Blackshades'.[18] Blackshades RAT was malware created and sold on Hack Forums.[2]
On 14 January 2016, the developer of the MegalodonHTTP Botnet was arrested. MegalodonHTTP included a number of features as "Binary downloading and executing", "Distributed Denial of service (DDoS) attack methods", "Remote Shell", "Antivirus Disabling", "Crypto miner for Bitcoin, Litecoin, Omnicoin and Dogecoin". The malware was sold on Hack Forums.[19]
On 22 September 2016, many major websites were forced offline after being hit with “Mirai”, a malware that targeted unsecured Internet of Things (IoT) devices.[20] The source code for Mirai was published on Hack Forums as open-source.[21] In response, on 26 October 2016, Omniscient, the administrator of Hack Forums, removed the DDoS-for-Hire section from the forum permanently.[22][23][24]
On 21 October 2016, popular websites, including Twitter, Amazon, Netflix, were taken down by a distributed denial-of-service attack. Researchers claimed that the attack was stemmed from contributors on Hack Forums.[25]
On Monday, 26 February 2018, Agence France-Presse (AFP) reported[26] that Ukrainian authorities had collared Avalanche cybercrime organizer Gennady Kapkanov, who was allegedly living under a fake passport in Poltava, a city in central Ukraine. He marketed the Remote Administration Tool (NanoCore RAT) and another software licensing program called Net Seal exclusively on Hack Forums.[27] Earlier, in December 2016, the FBI had arrested Taylor Huddleston, the programmer who created NanoCore and announced it first on Hack Forums.[28]
On 31 August 2018, several users on Hack Forums reported to have received an E-Mail from Google informing them that the FBI demanded the release of user data which linked to the case of LuminosityLink.[29]
Critical reception
According to CyberScoop's Patrick Howell O'Neill, "The forum caters mostly to a young audience who are curious and occasionally malicious, but still learning... Furthermore, HackForums is the kind of internet community that can seem impenetrable, even incomprehensible, to outsiders. It has a reputation for being populated by trolls, chaos-driven children and brazen criminal activity."[2]
References
- "'Bustling' web attack market shut down". BBC News. 3 November 2016. Archived from the original on 18 July 2018. Retrieved 3 June 2018.
- Patrick Howell O'Neill (31 October 2016). "Inside HackForums' rebellious cybercrime empire". Cyberscoop. Archived from the original on 6 July 2018. Retrieved 2 June 2018.
- "Alexa - Top Sites by Category: Top/Computers/Hacking". www.alexa.com. Archived from the original on 5 August 2019. Retrieved 5 August 2019.
- "'LuminosityLink RAT' Author Pleads Guilty — Krebs on Security". Retrieved 30 May 2020.
- "Bug Bounty Hunter Ran ISP Doxing Service — Krebs on Security". Retrieved 30 May 2020.
- "The Rise of "Bulletproof" Residential Networks — Krebs on Security". Retrieved 30 May 2020.
- "DDoS-for-Hire Boss Gets 13 Months Jail Time — Krebs on Security". Retrieved 30 May 2020.
- "College Student Pleads Guilty To Developing Malicious Software". www.justice.gov (Press release). 13 January 2017. Archived from the original on 7 July 2018. Retrieved 2 June 2018.
- "Have I Been Pwned: Pwned websites". haveibeenpwned.com. Archived from the original on 3 October 2015. Retrieved 11 July 2018.
- Wei, Wang. "Popular Hackforums Website Defaced by Egyptian Hacker". The Hacker News. Archived from the original on 13 July 2018. Retrieved 2 June 2018.
- Gurung, Vivek. "HackForums.net hacked and deface by Egyptian hacker". Cyber Kendra - Hacking News and Tech Updates. Archived from the original on 13 July 2018. Retrieved 13 July 2018.
- Murdock, Jason (4 May 2016). "HackForums may have just been hacked". International Business Times UK. Archived from the original on 12 July 2018. Retrieved 3 June 2018.
- "Troy Hunt on Twitter". Twitter. Retrieved 3 June 2018.
- Khandelwal, Swati. "Student Faces 10 Years In Prison For Creating And Selling Limitless Keylogger". The Hacker News. Archived from the original on 7 July 2018. Retrieved 2 June 2018.
- "Student Hacker Faces 10 Years in Prison For Spyware That Hit 16,000 Computers". Motherboard. 13 January 2017. Archived from the original on 7 July 2018. Retrieved 3 June 2018.
- Franceschi-Bicchierai, Lorenzo (13 January 2017). "Student Hacker Faces 10 Years in Prison For Spyware That Hit 16,000 Computers". Vice. Archived from the original on 14 August 2019. Retrieved 14 August 2019.
- "PSA: Improperly Secured Linux Servers Targeted with Chaos Backdoor". BleepingComputer. Archived from the original on 23 February 2018. Retrieved 21 July 2018.
- Finkle, Jim. "FBI plans cyber crime crackdown, arrests coming in weeks". U.S. Archived from the original on 13 July 2018. Retrieved 2 June 2018.
- Khandelwal, Swati. "Creator of MegalodonHTTP DDoS Botnet Arrested". The Hacker News. Archived from the original on 7 July 2018. Retrieved 2 June 2018.
- "Who is Anna-Senpai, the Mirai Worm Author? — Krebs on Security". krebsonsecurity.com. Archived from the original on 22 January 2017. Retrieved 2 June 2018.
- "How an army of vulnerable gadgets took down the web today". The Verge. Archived from the original on 16 November 2016. Retrieved 2 June 2018.
- Cimpanu, Catalin. "The Internet's Biggest Hacking Forum Removes Its DDoS-for-Hire Section". Softpedia. Archived from the original on 7 July 2018. Retrieved 3 June 2018.
- Kan, Michael. "Hacking forum cuts section allegedly linked to DDoS attacks". Computerworld. Archived from the original on 7 July 2018. Retrieved 26 June 2018.
- Waqas (29 October 2016). "HackForums delete "Server Stress Testing" amidst links with Dyn DDoS Attack". HackRead. Archived from the original on 13 July 2018. Retrieved 13 July 2018.
- "Internet Experts Issue Dire Warning to Government about the Internet of Things". The Daily Dot. 16 November 2016. Archived from the original on 13 July 2018. Retrieved 3 June 2018.
- "Ukraine arrests 'Avalanche' cybercrime organiser: police". Archived from the original on 7 July 2018. Retrieved 2 June 2018.
- "Bot Roundup: Avalanche, Kronos, NanoCore — Krebs on Security". krebsonsecurity.com. Archived from the original on 8 June 2018. Retrieved 2 June 2018.
- Poulsen, Kevin (31 March 2017). "FBI Arrests Hacker Who Hacked No One". The Daily Beast. Archived from the original on 31 May 2017. Retrieved 26 June 2018.
- "Google Notifies People Targeted by Secret FBI Investigation". Motherboard. 4 September 2018. Archived from the original on 22 September 2018. Retrieved 22 September 2018.