Two New Hacking Schemes Uncovered Using Surveillance & Hack-Back Techniques
Leading data security specialist, Imperva, recently announced a research effort aimed at better understanding cyber criminal conduct, large-scale cyber attacks and the evolution of underground cyber crime.
The research, unveiled as the Hacker Intelligence Initiative (HII), "will help uncover the trends, techniques and tactics utilised by today’s cybercriminals", says Imperva CTO, Amichai Shulman. "Modern cyber defenses need to keep pace with this growing industry and our intelligence initiative will help uncover the trends, techniques and tactics utilised by today’s cybercriminals."
Imperva's HII researchers will conduct and release research on attacks as they are uncovered.
To date, the HII has released research on four significant cybercrime activities, among others:
- Pyramid-Scam Phishing Scheme: Employing simple hack-back techniques, Imperva uncovered a pyramid scam-style phishing scheme where a sophisticated hacker siphons data from individual phishing attacks through a backdoor in a phishing kit; the attack also capitalises on a second drop-server to store stolen data.
- Start-to-Finish Execution of a Cross-Site Scripting Attack: By observing the hacker’s own vulnerable code, Imperva was able to witness an XSS attack impacting 3000 individuals; Imperva found that XSS attacks require little expertise and less than an hour to carry out when using readily available tutorials and free hosting sites.
- New Type of DDoS Attack: By monitoring a TOR, Imperva traced DDoS attacks to find that, unlike traditional botnets made up of infected PCs, the attacks were leveraging a botnet of infected servers, creating a stronger, more effective and less-discoverable attack.
- The publication of 32 million passwords: By monitoring hacker forums, Imperva uncovered a list of user passwords for the popular site RockYou and provided analysis of the most commonly used words and phrases.
“Today, security research focuses heavily on vulnerabilities and problems,” Shulman continued. “But to truly protect an organisation, security professionals must have a deep understanding of their enemy,” referencing Sun Tzu’s observation, ‘If ignorant both of your enemy and yourself, you are certain to be in peril.’
For more information regarding the Imperva product range please contact Australian Imperva partner, CoreSight.

