Threat Management, Threat Management, Threat Management

For the advancement of theft: Black hat cons issue call for papers as part of criminal forum

BERLIN, GERMANY – JANUARY 25: In this photo illustration a young man types on an illuminated computer keyboard typically favored by computer coders on January 25, 2021 in Berlin, Germany. 2020 saw a sharp rise in global cybercrime that was in part driven by the jump in online retailing that ensued during national lockdowns as governments soug...

The entry period just ended for a Russian criminal hacker forum's call for papers to advance the science of stealing, with the best submissions receiving cash prizes.

The online conference-esque event started on April 20, when administrators asked for papers covering unorthodox methods to swindle cryptocurrency wallets, smart contracts and NFTs, advances in cryptomining malware, and other related thievery, according to research from Intel 471. While papers weren't presented, they were posted to the forum for users to read.

"This is a clear mimic of what the security industry does" with conferences, said Intel 471 chief information security officer Brandon Hoffman. "Except it's the polar opposite of finding new methods to detect and prevent."

The contest initially offered $100,000 to the winners, though a forum member added an additional $15,000 to the prize pool. Entries closed mid May.

Entries included API manipulation for cryptocurrency sites, and a new way to set up phishing sites to steal wallet keys and seed phrases.

Intel 471 said they have seen paper writing contests on other forums in the past, albeit with lower prize pools, as well as contests from ransomware groups like REvil and LockBit.

While moderators could profit using the techniques, the goal for forums is to grow their forum's brand, said Hoffman.

"It is less about recuperating their money directly and more about remaining a key marketplace or location to transact business," he said.

Intel 471 said that the call for papers' specific request for NFT related hacking might foretell criminals beginning to target those trendy, high priced marketplaces.

But more than anything else, said Hoffman, it is a sign that criminal hackers as lone wolves is long over. Instead, defenders are up against hacker ecosystems working in concert. Criminal actors, as SC has reported, are increasingly more corporate and open to partnerships than anarchistic and antisocial.

"It really shows the maturity of cybercrime. It feels like many folks still believe that cybercrime is hacking of old, where there is a single person or a gang sitting around a table working on their organization," he said. "While components of that may still be true, the cybercrime world has truly evolved to a full-fledged economy of service providers, product designers and creators, financing, brokers, marketplaces, infrastructure providers, research and more."

Joe Uchill

Joe is a senior reporter at SC Weekly, focused on policy issues. He previously covered cybersecurity for Axios, The Hill and the Christian Science Monitor’s short-lived Passcode website.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.