SQL Injections and DDOS Attacks: Most Popular Topics on Hacker Forums

Imperva report reveals what's going on on some of the largest forums

  Percentage of threads on hacking forums
Security solutions provider Imperva has released the result of its 13th Hacker Intelligence Initiative report, which is based on the analysis of some highly popular hacker forums, including one that’s considered to be one of the largest (250,000 members).

Security solutions provider Imperva has released the result of its 13th Hacker Intelligence Initiative report, which is based on the analysis of some highly popular hacker forums, including one that’s considered to be one of the largest (250,000 members).

According to experts, the most discussed topics on hacker forums are SQL Injection and distributed denial-of-service (DDOS) attacks, both occupying 19% of the discussion volume.

It’s believed that SQL Injection is a favorite attack vector because many of the security solutions deployed by organizations don’t even know how to identify such attacks.

Another hot topic among hackers is represented by social networks. That’s because these websites are not only an important source of information, but they also provide the means to make a profit.

Facebook is the most discussed (39%), followed by Twitter (37%), and, surprisingly, Myspace (15%). Google+ and LinkedIn show up in only 5%, respectively 4%, of the social media-related threads.

The practice of selling adult content has also become highly popular, over 13,000 threads being uncovered in one forum alone. The cybercriminals pose as females and offer adult pictures of themselves in exchange for certain amounts of money.

The figures from the study show that a large majority of threads are focused on beginner hacking, tools, website and forum hacking, tutorials, and botnets.

Hacker forums are also often utilized to post job offers. For instance, a thread called “Are you good with SQLi and want to make $600 in a couple of days?!?” offers “a LOT of money via LibertyReserve” to anyone willing to work for 20 minutes each day.

“By examining what information hackers seek out or share in these forums, we can better understand where they are focusing their efforts. If organizations neglect SQL injection security, we believe that hackers will place more focus on those attacks,” said Amichai Shulman, CTO of Imperva.

Comments