Connect with us

Hi, what are you looking for?

White Papers

Criminal community-sponsored contests mirror cybercrime trends – Sophos

Early cybercrime contests involved trivia quizzes, graphic design competitions and guessing games. Now criminal forums are inviting attackers to ‘submit’ articles on technical topics, complete with source code, videos, and/or screenshots.

Sophos, a global leader in innovating and delivering cybersecurity as a service, recently announced that it has uncovered how research contests run by cybercrime forums are helping to inspire new methods of attack and detection evasion. The contests mirror legitimate security conference ‘Call For Papers’ and provide the winners considerable financial rewards and recognition from peers and also potential jobs. As outlined in Sophos X-Ops latest report, “For the Win? Offensive Research Contests on Criminal Forums,” these contests are designed to drive innovation, and when analyzed, the entries provide invaluable insight into how cybercriminals attempt to overcome security obstacles.

Despite the long-standing nature of competitions on criminal forums, they have evolved over the years. Early cybercrime contests involved trivia quizzes, graphic design competitions and guessing games. Now criminal forums are inviting attackers to ‘submit’ articles on technical topics, complete with source code, videos, and/or screenshots. Once submitted, all forum users are invited to vote for the contest winner. However, the judging is not completely transparent as the forum owners and contest sponsors have their own votes in the matter.

“The fact that cybercriminals are running, participating, and even sponsoring these contests, suggests that there is a community goal to advance their tactics and techniques. There is even evidence to suggest that these competitions act as a tool for recruitment amongst prominent threat actor groups,” said Christopher Budd, director of threat research, Sophos. “While our research shows an increased focus on Web-3 related topics such as cryptocurrency, smart contracts and NFTs, many of the winning entries had a broader appeal and could be put to practical use, even if they weren’t particularly novel. This may be reflective of the priorities of the community but could indicate that attackers keep their best research to themselves as they can profit more from using them in real-world attacks.”

Sophos X-Ops explored two prominent annual contests: one run by the Russian-language cybercrime forum Exploit, offering a total prize fund of $80,000 to the winner of its contest in 2021, and another run on the XSS forum, with a prize pool of $40,000 in 2022. For several years, prominent members of the cybercriminal community have sponsored these events, including All World Cards and Lockbit. In the most recent contests, Exploit themed its competition around cryptocurrencies, while XSS opened its contest up to a range of topics from social engineering and attack vectors to evasion and scam proposals. Many of the winning entries focused on abusing legitimate tools such as Cobalt Strike. One runner-up shared a tutorial on targeting initial coin offerings (ICOs) to raise funds for a new cryptocurrency and another on manipulating privilege tokens to disable Windows Defender.  

Advertisement. Scroll to continue reading.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

White Papers

Titled "An Infrastructure-Based Approach to Advance Digital Equity in South-East Asia", the whitepaper identifies connectivity challenges from an infrastructure provider’s perspective in three key economies,...

White Papers

Gaps in telemetry decrease much-needed visibility into organizations’ networks and systems, especially since attacker dwell time (the time from initial access to detection) continues...

White Papers

In addition to the 200 most common passwords worldwide and comparison among 35 countries, this year the study explored what passwords people use for...

HEADLINES

There is a well-established perception that human error is one of the main causes of cyber incidents in business. But things are not as...

HEADLINES

Keeper Security CEO and co-founder Darren Guccione shares his thoughts on some of the trends that will prevail in 2024. He cites the rise...

White Papers

For those retail organizations that paid the ransom, their median recovery costs (not including the ransom payment) were four times the recovery costs of...

White Papers

This is the highest rate of encryption in the past three years and a significant increase from the 61% of healthcare organizations that reported...

Phones

Recently released on One UI 6 as part of Samsung Galaxy’s expanded arsenal of security and privacy innovations, Auto Blocker is an opt-in package...

Advertisement