In one of my last posts, I talked about how the hacker “La Citrix” infected his own computer with an info stealer and later sold his own data by mistake. This time, Hudson Rock takes this to another level. The company describes itself as “an Israeli Cybercrime Intelligence Company” and specializes in sourcing credentials from threat actors, which are compiled to create monitoring and notification products for security professionals. Hudson Rock claims that over 100,000 hackers in top cybercrime forums have been exposed because their computers were infected by info-stealing malicious software.
This comes after their analysis of about 120,000 computers that have been infected with info stealer malware. Many of these belonged to hackers that had credentials associated with cybercrime forums. In essence, the hackers that frequent these cybercrime forums are not taking adequate steps to protect themselves from falling victim to the same wrongdoing they orchestrate within the community.
As with “La Citrix” in my last post, the vast amount of information leaked through these info stealers is sufficient to pinpoint the real identities of these hackers based on certain indicators. Hudson Rock points out the following:
- Additional credentials found on the computers (additional emails, usernames).
- Auto-fill data containing personal information (names, addresses, phone numbers).
- System information (computer names, IP addresses).
Based on their research, compromised hacker accounts were found on the following cybercrime forums:
- Nulled.to had the highest number with 57,103 compromised accounts.
- Cracked.io followed next.
- Hackforums.net followed in the top three.
According to Hendery (2023) at CyberRisk Alliance Resource, this goes to show that hackers are only slightly better at choosing strong passwords. Hendery points out the following:
- 21.1% of these cybercrime forum users use strong passwords with at least 10 characters and four types of characters, compared to 15.5% of government workers.
- Military staff surpass both at 22.3%.
Ultimately, we can say that hackers aren’t immune. The top four info stealers behind these infections are Redline, Raccoon, Azorult, and Vidar. According to Hudson Rock, “Info-stealer infections as a cybercrime trend surged by an incredible 6000% since 2018, positioning them as the primary initial attack vector used by threat actors to infiltrate organizations and execute cyberattacks, including ransomware, data breaches, account overtakes, and corporate espionage.” And now it is also one of the things that has helped Hudson Rock begin to identify some of the hackers behind the scenes.
The top five countries with infected hackers were Tunisia (7.55% of total infections in the country), Malaysia (6%), Belgium (5.14%), the Netherlands (4.8%), and Israel (4.43%).
Let us wait to see how many more hackers get identified thanks to Hudson Rock.