Monday, July 30, 2018

Hacking Forums

My terrifying deep dive into one of Russia's largest hacking forums

Dylan Curran

I spent three weeks studying FreeHacks, one of the dark web’s biggest platforms for hackers. From passports to credit cards, nothing is safe

 ‘I spent three weeks studying and translating FreeHacks, one of the largest hacking forums on the internet.’ Photograph: screengrab

The darknet (or dark web) is one of the most fascinating vestiges of humanity we’ve ever seen. It’s an aggregated swamp of all the darkest aspects of internet activity – child abuse images, drug markets, gun shops, gore smut, stolen merchandise, anarchist guides, terrorist chats, identity theft, hacking services …


I’m going to focus on the most potent of these tiers – hacking services.

I spent three weeks studying and translating FreeHacks, one of the largest hacking forums on the internet. It’s a Russian community which aims to collectively gather its resources in order to maximize efficiency and knowledge dispersement.

It works the same as any typical forum: you open up TOR (a specialized browser for browsing the dark web), paste in the URL, and land on a home page with various sub-forums split into different categories. The categories are varied and well-divided:

  • Hacker world news
  • Humor
  • Hacking and security
  • Carding (stealing credit cards and trying to cash them out on the internet)
  • Botnet (a network of bots used to steal data and send spam, or perform DDOS attacks)
  • Electronics and phreaking (phreaking is trying to break someone’s security network)
  • Brutus (software used to crack passwords)
  • DDOS (overwhelming a server with requests to shut it down)
  • SEO-optimization
  • Programming
  • Web development
  • Malware and exploits
  • Private software
  • Clothing market (people who use stolen credit cards to buy clothes and resell them)
  • Financial operations
  • Documentation (passports, driving licenses, citizenships)
  • Blacklist (a community judicial system).

As you can see, this forum covers a dizzying amount of illegal activity. The entire forum is in Russian – and has about 5,000 active members. This is just the tip of the iceberg, too; every sub-forum is split even further into dozens of other sub-forums. To document everything here would take me at least six months and encompass a full book.

A screen grab of the forum. Photograph: screengrab

When you attempt to register on the site, you’re met with a mission statement of sorts – a weird justification method for their own illegal activities. It seems pathological and ironic; these hackers who essentially get paid to make life more difficult for people try to justify it with a beguiling proclamation.

The word ‘hacker’ is incorrectly used in the meaning of ‘computer burglar’ by some journalists. We, hackers, refuse to accept such an interpretation of it and continue to imply the meaning of ‘someone who likes to program and enjoy it’

After reading the above categories, do you think these people just enjoy some casual software development?

Once you go through the rigorous registration process where you have to declare why you want to join the forum, and what software development skills you have and want to learn, you are granted access to this treasure trove of illicit information.

For this article, I’m going to focus primarily on the hacking and security sub-forum.

The very first post I clicked on to is: “How to get someone’s physical address.” Not the most comforting topic to start off with, but here we are.

A video is posted detailing a step-by-step process to reverse-query addresses, and cross-reference them against other websites. The method uses various sites such as whois.com and some credit check websites. (That’s as much information as I can give without giving the tutorial myself.) Multiple users have a back-and-forth with one another, discussing the pros and cons of this method, as well as how to make it more efficient.

One user leaves a thorough dissection expanding on the current method. It allows the perpetrator to use a phishing website to grab the person’s location via the wifi access points around them. I can’t verify if this method works, but the Russian users certainly seem to think it does.

The next thread I ventured into is “The Grandfather’s Way of Hacking”, an eccentric title if I’ve ever seen one. Perhaps my Russian-English translating software is acting out, but I’ll take what it gives me.

The user describes how people have a distorted view of hackers, how they hack remote computers in basements by simply smashing their keyboard. They go on to describe how the easiest method of penetration occurs through knowing the IP address of the target computer. Using Shared Resources, you can easily penetrate the fortified walls of a PC. The easiest method, however, is social engineering.

Social engineering, in terms of hacking, is when you use some clever psychology to make a member of a company trust you and bypass security protocol. A common one is to ring the customer support of a company, and mask your number to mimic that of an internal phone number. You then play the fool and say you can’t access a website where you normally could have, and that it’s important to access it for an angry client.

You then give the customer support agent a link to the website. The catch is that you have made a fake website which has a Trojan ready to be deposited on to the agent’s computer. The hacker then has access to the company’s internal network.

This thread gives great detail in how to carry this out, going into a tutorial of how to mask your phone number, using IP range scanners, which Trojan viruses to use, what can be gained once you access the computer and how to get in, download everything and get out as quickly as possible.

It’s incredibly comprehensive, and the other Russian users thank him kindly and comment about how concise and informative this chaos-wreaking method is.

In 2016, a Turkish citizen hacked the Turkish government’s ID system and downloaded the national ID, name, address, date of birth and mother and father’s name of 49.6 million citizens. It was one of the biggest hard leaks we have ever seen.

A member of this forum took credit for it, and posted links to the download of the Turkish citizens’ information. I have no doubt it’s true, judging from the user’s post history.

It’s fascinating to see how this community works together to take down “western” systems and derive chaos and profit from it. Typically, hackers in first-world countries are terrified to work together due to the multiplicative risk of a group being caught. In Russia, however, the authorities don’t seem to care that these hackers are wreaking havoc on the west. They are left to their own devices, and most users on this forum have been regular members for over six years.

A lot of the information on this forum is incredibly worrying, even if a lot of it is harmless 15-year-olds trying to be edgy and hack their friends’ phones. In any case, it’s important to know these communities exist. The dark underbelly of the internet isn’t going anywhere.
