Hudson Rock researchers have unveiled a significant leakage of hackers’ accounts into the public domain. Scrutinizing various leaks and breached databases, they discovered that around 120,000 compromised systems held credentials related to cybercrime forums – indicating that these accounts belonged to hackers themselves.
Unintended Consequences: Hackers Trapped by Their Own Tactics
Interestingly, cybercriminals often fell victim to their own malevolent activities. The study found instances where hackers unintentionally infected their computers with malware meant for others, leading to the theft of their login credentials by fellow criminals.
The dynamic also involves hackers inadvertently downloading malicious software and malware builders embedded with infostealers from forums, making them targets for other hackers.
Antivirus programs initially label many hacker tools as malicious, leading cybercriminals to disregard or disable the warnings to preserve crucial files. Trust in the credibility of sources, rather than security software alerts, often guides their behavior.
Hudson Rock specialists analyzed leaked data from public sources and directly from malware-distributing hackers, providing a comprehensive understanding of compromised accounts and shedding light on intriguing patterns.
For instance, findings revealed that over 57,000 users possessed accounts on the widely used hacker forum Nulled. Other major forums included Cracked with 19,000 leaked profiles and Hack Forums with 13,000.
Passwords on BreachForums, previously a prominent underground hub, displayed a mix of strengths. While more than 40% of passwords consisted of 10 or more characters, encompassing numbers, letters, and special characters, some were as simple as numeric sequences.
The narrative of experienced hackers inadvertently becoming victims emphasizes the importance of cautiousness. Hudson Rock’s experts advocate for robust passwords, antivirus programs (and heeding their warnings), and general cybersecurity awareness to mitigate identity exposure.