Vol. 7 No 1 (2022): Actes de Botconf 2021/2022
Conference proceedings

Private Clubs For Hackers: How Private Forums Shape The Malware Market

Renaud Zbinden
Institut de lutte contre la criminalité économique
Sandra Langel
Institut de lutte contre la criminalité économique
Olivier Beaudet-Labrecque
Institut de lutte contre la criminalité économique
David Décary-Hétu
Université de Montréal
Luca Brunoni
Institut de lutte contre la criminalité économique

Publiée 2022-10-04

Mots-clés

  • Malware,
  • Discussion forum,
  • Hacking

Comment citer

Zbinden, R., Langel, S., Beaudet-Labrecque, O., Décary-Hétu, D., & Brunoni, L. (2022). Private Clubs For Hackers: How Private Forums Shape The Malware Market. Le Journal De La Cybercriminalité Et Des Investigations Numériques, 7(1), 22-34. https://doi.org/10.18464/cybin.v7i1.36

Télécharger la référence bibliographique

Résumé

Offenders seek online private discussion forums where participants are screened before gaining access to connect with sophisticated peers and evade detection. Past research finds that most public discussion forum participants have a low level of technical skill and rely on more established participants for the tools and techniques they need to commit their offences. To date, research has mostly focused on public discussion forums of online offenders as gaining access to private forums comes with many challenges. The aim of this research is to describe and understand the impacts of the private nature of discussion forums on their participants’ activities. Our driving hypothesis is that private discussion forums are host to more sophisticated participants that will, in turn, offer and have access to more sophisticated tools. To understand the impacts of the private nature of discussion forums, we selected two discussion forums available on the internet whose focus is the sale of malware; one of them is private, while the other is public. Our analysis suggests that while there are differences between private and public discussion forums, there are few significant differences between both inters of the products they advertise.

Références

  1. Décary-Hétu, D. (2017). Online crime monitoring. In The Routledge International Handbook of Forensic Intelligence and Criminology (pp. 238-248). Routledge.
  2. Décary-Hétu, D., Morselli, C., & LemanLanglois, S. (2012). Welcome to the scene: A study of social organization and recognition among warez hackers. Journal of Research in Crime and Delinquency, 49(3), 359-382.
  3. Denning, D. E. (1996). Concerning hackers who break into computer systems. High noon on the electronic frontier: Conceptual issues in cyberspace, 137164.
  4. Dunham, K., & Melnick, J. (2008). “Malicious Bots : An Inside Look into the Cyber-Criminal Underground of the Internet” (1er éd.). Auerbach Publications. Online: https://doi.org/10.1201/9781420069068
  5. Dupont, B., Côté, A. M., Boutin, J. I., Fernandez, J. (2017). “Darkode: Recruitment patterns and transactional features of “the most dangerous cybercrime forum in the world”.” American Behavioral Scientist, 61(11), 1219–1243. Online: https://doi.org/10.1177/0002764217734263
  6. Dupont, B., Côté, A.-M., Savine, C., DécaryHétu, D. (2016). “The ecology of trust among hackers”. Global Crime, 17(2), 129–151. Online: https://doi.org/10.1080/17440572.2016.1157480
  7. Dupont, B., Côté, A. M., Boutin, J. I., & Fernandez, J. (2018). Darkode: Recruitment patterns and transactional features of “the most dangerous cybercrime forum in the world”. American Behavioral Scientist, 61(11), 1219-1243.
  8. Dupont, B. & J. Lusthaus. (2021). “Countering Distrust in Illicit Online Networks : The Dispute Resolution Strategies of Cybercriminals”. Social Science Computer Review, Online: https://doi.org/10.1177/0894439321994623
  9. Haslebacher, A., Onaolapo, J., Stringhini, G. (2017). “All your cards are belong to us: Understanding online carding forums”. In 2017 APWG symposium on electronic crime research (eCrime), 41–51. Online: https://www.uvm.edu/~jonaolap/papers/ecrime17carding.pdf
  10. Herley, C. & D. Florencio. (2010). “Nobody Sells Gold for the Price of Silver: Dishonesty, Uncertainty and the Underground Economy” In Moore, T., Pym, D., Ioannidis, C. (Eds.) Economics of Information Security and Privacy, 33-53. Online: https://doi.org/10.1007/978-1-44196967-5_3
  11. Holt, T. J. (2013). “Examining the forces shaping cybercrime markets online”. Social Science Computer Review, 31(2), 165–177. Online: https://doi.org/10.1177/0894439312452998
  12. Holt, T. J. & B. Dupont. (2018). “Exploring the Factors Associated With Rejection From a Closed Cybercrime Community”. International Journal of Offender Therapy and Comparative Criminology, 63(8), 1127‑1147. Online: https://doi.org/10.1177/0306624X18811101
  13. Holt, K. (2020). “As internet forums die off, finding community can be harder than ever.” Online: https://www.engadget.com/2020-0227-internet-forums-dying-off.html.
  14. Holt, T. J., Strumsky, D., Smirnova, O., & Kilger, M. (2012). Examining the social networks of malware writers and hackers. International Journal of Cyber Criminology, 6(1).
  15. Holt, T., Smirnova, O., Chua, Y. T. (2016). “Exploring and estimating the revenues and profits of participants in stolen data markets”. Deviant Behavior, 37(4), 353–367. Online: https://doi.org/10.1080/01639625.2015.1026766
  16. Holt, T. & E. Lampke. (2010). “Exploring stolen data markets online: Products and market forces”. Criminal Justice Studies, 23(1), 33–50. Online: https://doi.org/10.1080/14786011003634415
  17. Kigerl, A. (2020). “Behind the Scenes of the Underworld: Hierarchical Clustering of Two Leaked Carding Forum Databases”. Social Science Computer Review. Online: https://doi.org/10.1177/0894439320924735
  18. Lavigne, M. (2021). “C.E.I. (Communauté des États indépendants)”, Encyclopaedia Universalis. Online: http://www.universalisedu.com/encyclopedie/communaute-desetats-independants/
  19. Leukfeldt, R., Kleemans, E., Stol, W. (2017). “Cybercriminal networks, social ties and online forums: Social ties versus digital ties within phishing and malware networks”. British Journal of Criminology, 57(3), 704722. Online: https://doi.org/10.1093/bjc/azw009
  20. Luhrs, C. & L. McAnally-Salas. (2016). “Collaboration Levels in Asynchronous Discussion Forums: A Social Network Analysis Approach”. Journal of Interactive Online Learning, 14(1): 29-44.
  21. Lusthaus, J. (2013). “How organised is organised cybercrime?” Global Crime, 14(1), 52–60. Online: https://doi.org/10.1080/17440572.2012.759508
  22. Lusthaus, J. (2019). “Beneath the dark web: Excavating the layers of cybercrime’s underground economy”. In 2019 IEEE European symposium on security and privacy workshops, 474–480. Online: https://doi.org/10.1109/EuroSPW.2019.00059
  23. Madarie, R., Ruiter, S., Steenbeek, W., & Kleemans, E. (2019). “Stolen account credentials : An empirical comparison of online dissemination on different platforms”. Journal of Crime and Justice, 42(5), 551‑568. Online: https://doi.org/10.1080/0735648X.2019.1692418
  24. Montegiani, C. (2017). L’apprentissage social chez les pirates informatiques: Analyse de l’influence des relations d’entraide et de conflit sur le processus d’apprentissage. Université de Montréal. Online: https://papyrus.bib.umontreal.ca/xmlui/bitstream/handle/1866/19590/Montegiani_Caroline_2017_Travail_dirige.pdf?sequence=1
  25. Motoyama, M., McCoy, D., Levchenko, K., Savage, S., Voelker, G. (2011). “An analysis of underground forums”. In Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement, 71-80. Online: https://doi.org/10.1145/2068816.2068824
  26. Rafaeli, S. (1984). “The Electronic Bulletin Board: A Computer-Driven Mass Medium”. Social Science Micro Review, 2(3): 123-136. Online: https://doi.org/10.1177/089443938600200302
  27. Reuter, P. (1983). “Disorganized crime: The economics of the visible hand”. MIT Press.
  28. Shakarian, J., Gunn, A. T., & Shakarian, P. (2016). Exploring malicious hacker forums. In Cyber deception (pp. 259-282). Springer, Cham.
  29. Yip, M., Shadbolt, N., Webber, C. (2013). “Why forums? An empirical analysis into the facilitating factors of carding forums”. In Proceedings of the 5th annual ACM web science conference, 453-462. Online: https://dl.acm.org/doi/abs/10.1145/2464464.2464524.