{"id":230570,"date":"2021-04-19T15:00:38","date_gmt":"2021-04-19T12:00:38","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/the-worrying-rise-of-hackers-for-hire-cloudsavvy-it\/"},"modified":"2021-04-19T15:00:38","modified_gmt":"2021-04-19T12:00:38","slug":"the-worrying-rise-of-hackers-for-hire-cloudsavvy-it","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/the-worrying-rise-of-hackers-for-hire-cloudsavvy-it\/","title":{"rendered":"#The Worrying Rise of Hackers For Hire \u2013 CloudSavvy IT"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a3ad752be7b3\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a3ad752be7b3\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/the-worrying-rise-of-hackers-for-hire-cloudsavvy-it\/#Hiding_on_the_Dark_Web\" >Hiding on the Dark Web<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/the-worrying-rise-of-hackers-for-hire-cloudsavvy-it\/#Searching_for_Hackers\" >Searching for Hackers<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/the-worrying-rise-of-hackers-for-hire-cloudsavvy-it\/#The_Pandemic_Strikes_Again\" >The Pandemic Strikes Again<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/buradabiliyorum.com\/en\/the-worrying-rise-of-hackers-for-hire-cloudsavvy-it\/#Why_Websites\" >Why Websites?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/buradabiliyorum.com\/en\/the-worrying-rise-of-hackers-for-hire-cloudsavvy-it\/#Security_Measures\" >Security Measures<\/a><\/li><\/ul><\/nav><\/div>\n<p><strong>&#8220;#The Worrying Rise of Hackers For Hire \u2013 CloudSavvy IT&#8221;<\/strong><\/p>\n<div id=\"article-content-area\">\n<img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-10747\" data-pagespeed-lazy-src=\"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/04\/d016f671.png?width=1200&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"\" width=\"650\" height=\"325\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>What\u2019s behind the surge in people hiring hackers on the dark web? What type of systems are they targeting and who is at risk? We rummage through the dark web for answers.<\/p>\n<h2 id=\"hiding-on-the-dark-web\"><span class=\"ez-toc-section\" id=\"Hiding_on_the_Dark_Web\"><\/span>Hiding on the Dark Web<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>If you know where to look you can find a hacker-for-hire who\u2019ll h<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ily take your money in exchange for committing cybercrimes for you. There are many places on the dark web where hackers advertise their dubious services. These hacking forums and dark web market places have existed for many years. They\u2019re hardly new. What is new is the sudden increase in postings from people looking for hackers to do their dirty work for them.<\/p>\n<p>Getting onto the dark web isn\u2019t too difficult. You just need to use the right tools. The dark web is made up of a <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/watch-movies-tv-seriess\/\" data-internallinksmanager029f6b8e52c=\"8\" title=\"Watch Movies &amp; TV Series\" target=\"_blank\" rel=\"noopener\">series<\/a> of overlay networks called darknets. These piggyback on the regular internet infrastructure but use their own set of protocols and routing nodes known as relays. Darknet web addresses have unusual suffixes like \u201c.onion\u201d and \u201c.i2p.\u201d<\/p>\n<p>Darknets give you two cool superpowers: anonymity and invisibility. Darknet protocols are encrypted so no one can see your internet traffic, and darknet routing nodes employ other tricks to make back-tracing and identifying your IP address virtually impossible.<\/p>\n<p>Like most things, a darknet is neither good nor bad\u00a0<em>per se<\/em>. There are many non-criminal users of darknets, too. Dissidents in repressive regimes use them to communicate with the rest of the world. Whistleblowers, activists, and even the military use darknets for legitimate reasons. Many <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">news<\/a>papers maintain a dark web portal so anonymous sources can protect their identity while they deliver stories and tip-offs. It\u2019s the anonymity of darknets that make them such attractive haunts for criminals of all types.<\/p>\n<p>The\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/geti2p.net\/en\/\">Invisible Internet Project<\/a>\u00a0(I2P),\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/freenetproject.org\/index.html\">FreeNet<\/a>, and the\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.torproject.org\/\">Tor Project<\/a>\u00a0are among the best-known darknets. The Tor darknet is the one that has proven most attractive to criminals.<\/p>\n<p><strong>RELATED:<\/strong> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.howtogeek.com\/423866\/how-to-install-and-use-the-tor-browser-on-linux\/\"><strong><em>How to Install and Use the Tor Browser on Linux<\/em><\/strong><\/a><\/p>\n<h2 id=\"searching-for-hackers\"><span class=\"ez-toc-section\" id=\"Searching_for_Hackers\"><\/span>Searching for Hackers<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The Tor browser will get you as far as the Tor darknet. Used with a\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Virtual_private_network\">Virtual Private Network<\/a>\u00a0(VPN) your real identity will be as cloaked as it can be. So you\u2019re on the darknet. Now what? There\u2019s nothing like Google for the dark web. You can\u2019t search for where you want to go. You need to know the web address of the marketplace or site that you intend to visit.<\/p>\n<p>Getting to grips with the Tor browser, VPNs, and \u201c.onion\u201d sites is achievable\u2014with a bit of determination\u2014for most moderately internet-savvy people. Locating a forum or marketplace where hackers-for-hire advertise their availability and expertise shouldn\u2019t be beyond them either. The real difficulty is knowing which posts are scams.<\/p>\n<p>How do you know the hacker\u2014if they are even a hacker at all\u2014won\u2019t simply take your money and do nothing? And how does the hacker know you\u2019re not law enforcement trying to entrap them? That\u2019s the problem with doing dodgy deals in the digital equivalent of a back alley at night. How do you know you\u2019ve found a criminal you can trust? It\u2019s quite the oxymoron.<\/p>\n<p>But even if the majority of posts promoting hacking services are scams, the rest are real. There are escrow services available on darknets. They hold the money for deals until both sides are satisfied their business has been completed to their mutual satisfaction. But whether or not some proportion of posts by hackers are scams, that doesn\u2019t explain the upturn in posts from potential customers looking for hackers.<\/p>\n<p>Customers part with money, they don\u2019t ask for it. So they have nothing to gain by being fake. Law enforcement agencies use more subtle strategies to try to dupe hackers. A fake advert from a prospective customer is far too blunt an instrument to have much hope of success.<\/p>\n<figure style=\"width: 366px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-10729 size-full\" data-pagespeed-lazy-src=\"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/04\/4a47a0db-1.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Dark web advert for hacking services\" width=\"366\" height=\"390\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\">Dark web marketplace advert for hacking services<\/figcaption><\/figure>\n<h2 id=\"the-pandemic-strikes-again\"><span class=\"ez-toc-section\" id=\"The_Pandemic_Strikes_Again\"><\/span>The Pandemic Strikes Again<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>A report by\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.ptsecurity.com\/ww-en\/analytics\/custom-hacking-services\/\">Positive Technologies<\/a>\u00a0suggests that about 90 percent of posts are by customers looking for hackers, and about 7 percent are by hackers looking for commissions. Since March 2020 they\u2019ve seen the number of posts from customers rise and rise. Around 70 percent of inquiries are looking for hackers to attack websites.<\/p>\n<p>The pandemic triggered a widespread and rapid change to working from home. Remote access, web portals, and Software-as-a-Service were suddenly hot topics for organizations that had never had to provide\u2014nor contend with the security of\u2014this type of service and extended IT estate.<\/p>\n<p>Cybercriminals are opportunistic and nimble. They can exploit new trends almost as fast as the trends appear. If the corporate online world has become larger\u2014and in haste\u2014they\u2019re not going to pass that up. They\u2019ll look for ways to exploit it. If they have the skills, that is. Because of the availability of attack software and malware kits, it is easy for even the low-skilled to commit cybercrimes.<\/p>\n<figure style=\"width: 611px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-10730 size-full\" data-pagespeed-lazy-src=\"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/04\/fb5c81ed-1.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Dark web hacking services price list\" width=\"611\" height=\"283\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\">Dark web hacking services price list<\/figcaption><\/figure>\n<p>But the lowest tier of cybercriminals has neither the knowledge nor skills to discover vulnerabilities nor to create their own exploits. But if they can get someone else to gain access to a website or network they can then step in and take control from that point. It\u2019s the obvious way for the lower-tier threat actors to commit crimes that\u2014end to end\u2014are much too complex for them.<\/p>\n<p>They simply contract out the hard parts. It\u2019s the end result that counts. And the easiest way to that end result is always going to be the preferred route.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Why_Websites\"><\/span>Why Websites?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Websites are a prime target. They often hold databases of email addresses and passwords. These can be used to access the accounts on the compromised website, but they\u2019re also perfect for feeding into credential stuffing software for brute force attacks on other websites. The database may hold other information that makes identity theft a possibility, or it might hold credit card details or other payment details.\u00a0This information can be used by the threat actor for further cybercrime or it can be sold on the dark web.<\/p>\n<p>The website may be compromised with malicious scripts such as keystroke recorders to catch credit card details and other sensitive information.\u00a0 If the website is hosted on a server connected to the corporate network it could be used as a stepping-stone to the corporate infrastructure.<\/p>\n<p>The other reason is that websites tend to be an easy nut to crack. A <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.ptsecurity.com\/ww-en\/analytics\/web-vulnerabilities-2020\/\">report from 2020<\/a> showed that 50 percent of websites have 4 or more critical vulnerabilities. These are documented flaws that the threat actors know about and for which there are off-the-shelf exploits. In other words, 50 percent of websites aren\u2019t closed and secure, they\u2019re wide open.<\/p>\n<p>As depressing as that thought is, it\u2019s actually an improvement on the previous year. In <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/general\/\" data-internallinksmanager029f6b8e52c=\"3\" title=\"General\" target=\"_blank\" rel=\"noopener\">general<\/a>, the figure is falling every year. Probably because organizations are starting to listen to the general cybersecurity message.<\/p>\n<figure style=\"width: 427px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-10733 size-full\" data-pagespeed-lazy-src=\"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/04\/10fb15c7.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"List of hacking services found on a dark web market place\" width=\"427\" height=\"254\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\">List of hacking services found on a dark web market place<\/figcaption><\/figure>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Security_Measures\"><\/span>Security Measures<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Following these steps will help prevent you from being a victim to an off-the-shelf hacker:<\/p>\n<ul>\n<li><strong>Probe Your Own Defenses<\/strong>: Before the threat actors do it for you, conduct penetration testing on your websites and portals and act on the findings. Perform the required re<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">media<\/a>tion, and repeat the testing until you have driven down your susceptibility to acceptable levels.<\/li>\n<li><strong>Set a Frequency for Penetration Testing<\/strong>: How frequently you need to repeat the penetration testing should be based on your budget and the risk and impact of a successful attack. Annually, biannually, and quarterly are common testing cycles.<\/li>\n<li><strong>Pay Attention to Custom Software<\/strong>: If you have custom software running on your website pay special attention to the architecture, platforms, and frameworks that it makes use of. These underlying technologies need to be patched and kept up to date, just like your operating systems and other software.<\/li>\n<li><strong>Consider a Web Application Firewall<\/strong>: A web application firewall sits between the outside world and your website. It analyzes all HTTP\/S traffic arriving at your website and filters out malicious activity.<\/li>\n<li><strong>Don\u2019t Forget the Basics<\/strong>: Good cyber hygiene should be maintained. Encrypt databases, use robust passwords for web administration accounts, and patch frequently and thoroughly.<\/li>\n<\/ul>\n<\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/www.cloudsavvyit.com\/10723\/the-worrying-rise-of-hackers-for-hire\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;#The Worrying Rise of Hackers For Hire \u2013 CloudSavvy IT&#8221; What\u2019s behind the surge in people hiring hackers on the dark web? What type of systems are they targeting and who is at risk? We rummage through the dark web for answers. Hiding on the Dark Web If you know where to look you can&#8230;<\/p>\n","protected":false},"author":1,"featured_media":230571,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/04\/d016f671.png","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-230570","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/230570","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=230570"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/230570\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/230571"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=230570"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=230570"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=230570"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}