
Hackers: Who Are They, How Criminal Hacking Organizations Work, The Most Common Attacks

To defend against cyber attacks it helps to know who the hackers are, what they do, how they coordinate with each other and, above all, how criminal hacking organizations operate. To find out, we infiltrated a criminal group; here is what we found.

The term hacker derives from the English verb to hack, meaning to cut or chop roughly. The Treccani dictionary defines a hacker as someone who, "using his knowledge of computer programming, is able to illegally penetrate a computer network in order to use the data and information it contains or, more generally, to increase the degrees of freedom of a closed system and teach others how to keep it free and efficient".

Few people know what goes on behind the term hacker: what tools they use, how they coordinate and what their goals are. To find out, we describe below how a criminal group that we will call by the fictitious name BadKitties operates.

How I Found the Hacker Group

It was a day like any other, and as on every other day, in the evening I checked my "trap" computers, honeypots deliberately left vulnerable to RDP brute-force attacks against the "administrator" and "admin" accounts. As usual they had been breached, and in the folders monitored by some of my scripts I found malware other than the ransomware that is usually dropped in these situations.

I immediately set about analysing the machine, looking for what the attacker who had connected earlier had left behind. Among the running processes I saw unknown executables launched by scheduled tasks that I had not created, and they were malicious.

BadKitties Hacking Team: How to Become a Hacker

BadKitties is a well-structured hacker group that, to date, has more than 400 members. Starting a "career" within this criminal group is relatively easy: once you receive an invitation from a member, you contact the group leader through a Telegram bot to be given instructions on how to start "working" in the sector.

After sending the contact request to the bot, I had to wait no more than ten minutes before "X" sent me a direct message; the speed of the reply was remarkable.

We then started chatting on Telegram. After collecting some information about the group's dynamics, I began asking about him and his role within the organization.

Without hesitation he told me that he was the "Boss" of the group and that, through a series of misunderstandings, he had taken me for someone else from whom he was expecting a message. From that moment we got to the heart of the matter, and the most important things were explained to me.


Telegram and Hackers

In the Telegram group used for communications and for selling information, the "Files" section contains TXT files with CSV-style formatting holding large databases of credentials for many kinds of sites and services. Some of the brands present:

  • Gmail
  • Outlook
  • Spotify
  • Free
  • Yandex

Other files found there include old versions of web vulnerability scanners, batch scripts, key generators, ransomware payload generators, various databases of leaked data, IP lists and much more.
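Defenders get one useful thing out of such a dump: knowing which of their own accounts are in it. The script below is an added example, not a tool from the article or from the group, for the "email<separator>password" line shape these text files usually have. The sample lines are constructed (no real credentials), the separator list and the domain `corp.example` are my assumptions, and passwords are reduced to a short hash so that reuse can be spotted without copying plaintext into a ticket.

```python
import hashlib
from collections import Counter

# Constructed sample in the usual "email<sep>password" shape (not real data).
SAMPLE_DUMP = """\
# leak.txt -- constructed sample
alice@corp.example:Summer2019!
bob@corp.example;Winter2020?
carol@gmail.example,hunter2
dave@outlook.example:P@ssw0rd
this line has no separator
eve@corp.example:Summer2019!
alice@corp.example:Summer2019!
"""

SEPARATORS = (":", ";", ",")   # checked in this order; assumption for this example


def parse_combo_line(line: str):
    """Return (email, password) for one 'email<sep>password' line, or None if malformed.

    The separator is taken at its first occurrence, so a password may itself contain
    ':' or ';'. Stealer-log lines of the form url:email:password are not handled here.
    """
    line = line.strip()
    for sep in SEPARATORS:
        if sep in line:
            email, _, password = line.partition(sep)
            email = email.strip().lower()
            if "@" in email and "." in email.rsplit("@", 1)[1] and password:
                return email, password
            return None
    return None


def password_fingerprint(password: str) -> str:
    """Short SHA-256 prefix: enough to see that two accounts share a password, not the password."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()[:12]


def scan_dump(text: str, watched_domains: set[str]) -> dict:
    """Summarise a combo list: unique pairs, malformed lines, per-domain counts, and our own accounts."""
    by_domain = Counter()
    hits, seen = [], set()
    malformed = 0
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        parsed = parse_combo_line(raw)
        if parsed is None:
            malformed += 1
            continue
        email, password = parsed
        if (email, password) in seen:          # these dumps are full of repeats
            continue
        seen.add((email, password))
        domain = email.rsplit("@", 1)[1]
        by_domain[domain] += 1
        if domain in watched_domains:
            hits.append({"email": email, "pw_fingerprint": password_fingerprint(password)})
    return {"unique": len(seen), "malformed": malformed,
            "by_domain": dict(by_domain), "hits": hits}


if __name__ == "__main__":
    report = scan_dump(SAMPLE_DUMP, {"corp.example"})
    print(report["by_domain"], "malformed:", report["malformed"])
    for hit in report["hits"]:
        print(hit["email"], hit["pw_fingerprint"])
```

On the sample, `alice@corp.example` and `eve@corp.example` produce the same fingerprint, which is the signal to force a reset on both rather than on one.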

The platform guarantees a certain level of anonymity, and bots can be used to automate the routine needs of those who run these "teams".

The Most Common Attacks

Today the most common and effective attacks reach our systems through email, using methods of varying effectiveness. Some examples:

  • Identity theft: after stealing a user's credentials, the attacker uses the account to send emails containing suitably obfuscated VBA downloaders (macro documents that fetch the real payload) to all the contacts the victim regularly communicated with, who have every reason to trust the sender;
  • MITM (Man in the Middle): control of the flow of email between two parties, with small alterations to the conversation. For example, when a service or a quantity of goods is being paid for, the IBAN in the attachment or written in plain text in the message body is replaced with the attacker's. In practice this is usually done from a compromised mailbox or a forwarding rule rather than by intercepting network traffic;
  • Spear phishing: targeted, carefully researched phishing aimed at one chosen target;
  • Phishing: generic-content phishing sent as mass email, relying on volume and statistics.
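The IBAN swap in the second bullet is cheap to catch if you remember what each supplier used last time. The following is an added example, not code from the article: it pulls IBANs out of a message body, validates them with the ISO 7064 mod-97 check so that typos and garbage are discarded, and compares them with the IBAN previously seen from that sender. The supplier address, the lookup table and the three messages are constructed; the two IBANs used are the well-known GB and DE sample numbers, not real accounts.

```python
import re

# Matches an IBAN written compact or in groups of four (upper case only).
IBAN_RE = re.compile(r"\b[A-Z]{2}\d{2}(?:[ ]?[A-Z0-9]{4}){2,7}(?:[ ]?[A-Z0-9]{1,4})?\b")


def iban_checksum_ok(iban: str) -> bool:
    """ISO 7064 mod-97: move the first four characters to the end, map A-Z to 10-35, remainder must be 1."""
    s = iban.replace(" ", "").upper()
    if not 15 <= len(s) <= 34 or not s.isalnum():
        return False
    rearranged = s[4:] + s[:4]
    digits = "".join(str(int(c, 36)) for c in rearranged)   # int('W', 36) == 32, etc.
    return int(digits) % 97 == 1


def extract_ibans(text: str) -> list[str]:
    """Checksum-valid IBANs in a body, compacted and de-duplicated in order of appearance."""
    found = []
    for m in IBAN_RE.finditer(text):
        candidate = m.group(0).replace(" ", "")
        if iban_checksum_ok(candidate) and candidate not in found:
            found.append(candidate)
    return found


# Constructed: the IBAN each supplier address has used on previous invoices.
KNOWN_SUPPLIER_IBANS = {
    "billing@acme-supplies.example": {"GB82WEST12345698765432"},
}


def check_payment_message(sender: str, body: str) -> dict:
    """Flag a payment request whose IBAN differs from what this sender used before."""
    ibans = extract_ibans(body)
    known = KNOWN_SUPPLIER_IBANS.get(sender, set())
    new_ibans = [i for i in ibans if i not in known]
    if not ibans:
        verdict = "no_iban"
    elif not new_ibans:
        verdict = "ok"
    elif known:
        verdict = "iban_changed"           # the invoice-fraud signal: same supplier, new account
    else:
        verdict = "unknown_sender_iban"    # first invoice from this address: verify out of band
    return {"ibans": ibans, "new_ibans": new_ibans, "verdict": verdict}


# Constructed messages: the genuine invoice, the altered one, and one with a mistyped IBAN.
SENDER = "billing@acme-supplies.example"
MSG_ORIGINAL = "Hi, please settle invoice 1042 to GB82 WEST 1234 5698 7654 32 as usual."
MSG_TAMPERED = ("Hi, please settle invoice 1042 to DE89 3704 0044 0532 0130 00; "
                "our bank details changed recently.")
MSG_TYPO = "Hi, please settle invoice 1042 to GB82 WEST 1234 5698 7654 33 as usual."

if __name__ == "__main__":
    for body in (MSG_ORIGINAL, MSG_TAMPERED, MSG_TYPO):
        print(check_payment_message(SENDER, body))
```

Note the trade-off in `MSG_TYPO`: a number that fails the checksum is dropped, so a genuine supplier's typo and an attacker's botched edit both come out as `no_iban`. Either way the payment should not go through without a phone call to a number you already have on file, not one taken from the email.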

The Most Common Payloads

Usually the most effective malware is the kind that looks "most ordinary": by now everyone knows that an executable (.exe) received by email should not be opened, but few know that even "Microsoft" files such as Word (.doc), Excel (.xls) and PowerPoint (.ppt) documents can contain macros written in Visual Basic which, once enabled, can compromise the whole device and, in the worst cases, the entire IT infrastructure. The newer Office formats separate the two cases: .docx, .xlsx and .pptx cannot carry VBA macros, while .docm, .xlsm and .pptm can. The macro-free formats are still not safe by default, since they can carry embedded objects and remote templates.

The following are the extensions most used in email attacks:

  • .xls, .doc, .ppt, .xlsx, .docx, .pptx (and other Microsoft Office extensions), .vba, .vbs, .js, .jar, .jse, .msi, .scr, .lnk, .pif, password-protected archives (.zip, .rar, .7z and similar), .htm, .pdf, .bat
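An attachment gateway turns that list into decisions. The triage below is an added example, not a product's rule set or anything from the article: it classifies an attachment by its final extension, catches double extensions such as `scan.pdf.exe`, opens OOXML files (which are zip containers) to look for a `vbaProject.bin` entry, applies a name-based heuristic to legacy OLE documents, and flags zip archives whose entries carry the "encrypted" flag, the password-protected trick that stops scanners from looking inside. The policy sets and all sample files are constructed; the legacy-document check only searches for the VBA storage name and is no substitute for a real OLE parser such as oletools' olevba.

```python
import io
import zipfile

# Example policy built from the extension list above (my classification, not a vendor's).
BLOCK_EXT = {".exe", ".vba", ".vbs", ".js", ".jse", ".jar", ".msi", ".scr", ".lnk", ".pif", ".bat"}
OOXML_EXT = {".docx", ".docm", ".xlsx", ".xlsm", ".pptx", ".pptm"}
LEGACY_OFFICE_EXT = {".doc", ".xls", ".ppt"}
ARCHIVE_EXT = {".zip"}
INSPECT_EXT = {".htm", ".html", ".pdf"} | OOXML_EXT | LEGACY_OFFICE_EXT | ARCHIVE_EXT

OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"        # compound file header (.doc/.xls/.ppt)
VBA_OLE_MARKER = "_VBA_PROJECT".encode("utf-16-le")      # directory entry names are stored UTF-16LE


def extensions(filename: str) -> list[str]:
    """All dotted suffixes, lower-cased: 'Scan.PDF.exe' -> ['.pdf', '.exe']."""
    parts = filename.lower().split(".")
    return ["." + p for p in parts[1:]]


def ooxml_has_macros(data: bytes) -> bool:
    """OOXML is a zip; a VBA project is stored as word/, xl/ or ppt/vbaProject.bin."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(name.lower().endswith("vbaproject.bin") for name in zf.namelist())
    except zipfile.BadZipFile:
        return False


def zip_is_encrypted(data: bytes) -> bool:
    """Bit 0 of an entry's general-purpose flag marks it as encrypted."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(info.flag_bits & 0x1 for info in zf.infolist())
    except zipfile.BadZipFile:
        return False


def legacy_office_has_macros(data: bytes) -> bool:
    """Heuristic only: the compound-file directory names the VBA storage ('_VBA_PROJECT_CUR' in Word)."""
    return data.startswith(OLE_MAGIC) and VBA_OLE_MARKER in data


def triage_attachment(filename: str, data: bytes) -> dict:
    exts = extensions(filename)
    final = exts[-1] if exts else ""
    reasons = []
    if final in BLOCK_EXT:
        reasons.append(f"executable or script extension {final}")
        if len(exts) > 1 and exts[-2] in INSPECT_EXT:
            reasons.append("double extension disguising it as a document")
    if final in OOXML_EXT:
        if not data.startswith(b"PK"):
            reasons.append("claims to be an Office document but is not a zip container")
        elif ooxml_has_macros(data):
            reasons.append("Office document carries a VBA project")
    if final in LEGACY_OFFICE_EXT and legacy_office_has_macros(data):
        reasons.append("legacy Office document appears to contain VBA")
    if final in ARCHIVE_EXT and zip_is_encrypted(data):
        reasons.append("password-protected archive; scanners cannot see inside")
    verdict = "quarantine" if reasons else ("inspect" if final in INSPECT_EXT else "allow")
    return {"file": filename, "verdict": verdict, "reasons": reasons}


# Constructed samples (not real documents): minimal zips and byte strings carrying the markers.
def build_zip(entries: dict) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()


SAMPLE_DOCM = build_zip({"[Content_Types].xml": "<Types/>", "word/document.xml": "<w:document/>",
                         "word/vbaProject.bin": b"\x00" * 16})
SAMPLE_DOCX = build_zip({"[Content_Types].xml": "<Types/>", "word/document.xml": "<w:document/>"})
SAMPLE_DOC = OLE_MAGIC + b"\x00" * 24 + "_VBA_PROJECT_CUR".encode("utf-16-le")


def build_encrypted_zip() -> bytes:
    """One-entry zip with the 'encrypted' flag set in both headers (content left in clear)."""
    data = bytearray(build_zip({"payload.js": "x"}))
    local, central = data.find(b"PK\x03\x04"), data.find(b"PK\x01\x02")
    data[local + 6] |= 0x01      # local file header: general-purpose bit flag
    data[central + 8] |= 0x01    # central directory header: general-purpose bit flag
    return bytes(data)


SAMPLE_ENCRYPTED_ZIP = build_encrypted_zip()

if __name__ == "__main__":
    for name, blob in [("invoice.docm", SAMPLE_DOCM), ("invoice.docx", SAMPLE_DOCX),
                       ("report.doc", SAMPLE_DOC), ("scan.pdf.exe", b"MZ"),
                       ("docs.zip", SAMPLE_ENCRYPTED_ZIP), ("notes.txt", b"hello")]:
        print(triage_attachment(name, blob))
```

The verdict "inspect" is deliberate: a clean-looking .docx or .pdf is not proof of safety, only the absence of the cheap indicators, and it should still go through a sandbox or the mail filter's own scanning.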

How to Recognize an Attack and What to Do to Protect Yourself

To detect an attack effectively, you need to be aware that anything that reaches us by email can compromise our system after a few clicks.

With this firmly in mind, pay attention to grammatical errors, unexpected changes of details (bank accounts, addresses) from a supplier or customer, requests to grant special permissions, such as enabling macros or "content", in order to open an attachment, and, finally, the time at which the email arrives, for example outside normal business hours.

Most malware campaigns target addresses on company domains, but a private user can also end up in the dense web of spam.

Unfortunately, the biggest vulnerability is the human factor, and the only patch for it is education and awareness of what can happen when working with any internet-connected device.

To conclude, some practical measures to mitigate cyberattacks are:

  • keeping the operating system at the latest stable version;
  • keeping anti-virus and anti-malware software updated;
  • using a dedicated anti-spam solution;
  • a firewall upstream of the network;
  • engaging a Security Operations Center (SOC) for proactive monitoring of the infrastructure;
  • a SIEM configured with alerting rules for suspicious activity.
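The last bullet and the honeypot story at the start of the article come down to the same rule: many failed RDP logons from one address, then a success. The following is an added example, not the author's script or any SIEM product's rule: it runs over constructed, SIEM-normalised Windows Security events (Event ID 4625 failed logon, 4624 successful logon) and fires once when a source IP exceeds a failure threshold inside a sliding window, and again if a logon from that IP then succeeds. Field names, threshold and window are my assumptions; a real SIEM's schema will differ.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# LogonType 10 is RemoteInteractive (RDP). With Network Level Authentication enabled,
# failed RDP attempts are recorded as LogonType 3 (network), so the rule accepts both.
RDP_LOGON_TYPES = {10, 3}

# Constructed events, already sorted loosely; the rule sorts them itself.
EVENTS = [
    {"ts": "2024-03-01T02:10:01", "event_id": 4625, "logon_type": 3, "user": "administrator", "src_ip": "203.0.113.5"},
    {"ts": "2024-03-01T02:10:04", "event_id": 4625, "logon_type": 3, "user": "admin", "src_ip": "203.0.113.5"},
    {"ts": "2024-03-01T02:10:07", "event_id": 4625, "logon_type": 3, "user": "administrator", "src_ip": "203.0.113.5"},
    {"ts": "2024-03-01T02:10:11", "event_id": 4625, "logon_type": 3, "user": "admin", "src_ip": "203.0.113.5"},
    {"ts": "2024-03-01T02:10:15", "event_id": 4625, "logon_type": 3, "user": "administrator", "src_ip": "203.0.113.5"},
    {"ts": "2024-03-01T02:10:19", "event_id": 4625, "logon_type": 3, "user": "admin", "src_ip": "203.0.113.5"},
    {"ts": "2024-03-01T02:12:30", "event_id": 4624, "logon_type": 10, "user": "administrator", "src_ip": "203.0.113.5"},
    {"ts": "2024-03-01T01:00:00", "event_id": 4625, "logon_type": 3, "user": "administrator", "src_ip": "198.51.100.7"},
    {"ts": "2024-03-01T04:00:00", "event_id": 4625, "logon_type": 3, "user": "administrator", "src_ip": "198.51.100.7"},
    {"ts": "2024-03-01T09:00:00", "event_id": 4624, "logon_type": 2, "user": "alice", "src_ip": "127.0.0.1"},
]


def detect_rdp_brute_force(events, threshold=5, window=timedelta(minutes=5)):
    """Sliding-window count of 4625s per source IP; escalate if a 4624 follows from the same IP."""
    alerts = []
    failures = defaultdict(deque)      # src_ip -> timestamps of recent failures
    users_tried = defaultdict(set)     # src_ip -> account names seen in failures
    alerted = set()
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["logon_type"] not in RDP_LOGON_TYPES:
            continue                   # local/console logons are out of scope here
        ts = datetime.fromisoformat(ev["ts"])
        ip = ev["src_ip"]
        q = failures[ip]
        while q and ts - q[0] > window:
            q.popleft()                # forget failures older than the window
        if ev["event_id"] == 4625:
            q.append(ts)
            users_tried[ip].add(ev["user"])
            if len(q) >= threshold and ip not in alerted:
                alerted.add(ip)        # one alert per source, not one per extra failure
                alerts.append({"rule": "rdp_brute_force", "src_ip": ip, "ts": ev["ts"],
                               "count": len(q), "users": sorted(users_tried[ip])})
        elif ev["event_id"] == 4624 and len(q) >= threshold:
            alerts.append({"rule": "rdp_success_after_brute_force", "src_ip": ip,
                           "ts": ev["ts"], "user": ev["user"]})
    return alerts


if __name__ == "__main__":
    for alert in detect_rdp_brute_force(EVENTS):
        print(alert)
```

The second alert is the one that matters: a brute-force that is still running is noise from the internet, while a success after one is an incident, and on a honeypot it is exactly the moment the author's scripts should start collecting whatever the intruder drops.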


Tech Cults
Tech Cults is a global technology news platform that provides the trending updates related to the upcoming technology trends, latest business strategies, trending gadgets in the market, latest marketing strategies, telecom sectors, and many other categories.
