Various cyber-incidents from the last couple of years have proved that the prophecy was correct: cyber-threats such as malware and ransomware of many kinds have become one of the most prevalent risks to businesses worldwide. Given this dramatic increase of cyber-threat risks, the dark web has grown to be a popular platform for hackers to share knowledge, providing potential attackers with key 'how-to' information.
Some fraudsters use dark web forums in order to reach out to professional hackers and to ask for their advice. Considering the fast-growing market of new malware and the huge demand for cyber-weapons, many cyber-threat actors constantly seek new ways to execute their attacks. In that matter, Sixgill has recently tracked a dark web forum member who was looking to overcome Gmail's virus detector while sending a trojan to a potential victim. Forum members were quick to respond and provide a method that would make the proposed attack both plausible and efficient.
Dark web forums are not only for hackers' Q&A but also for sharing comprehensive tutorials of the latest available malware and ransomware. Some fraudsters that resell a malware may also send the buyer a full tutorial. Trying to market their products, some fraudsters post a full description of the malicious program's features and capabilities. A few days ago Sixgill discovered a user guidebook for one of the most common ransomware of the last couple of months; it contained some screenshots of the program's UI and gave a glimpse of the details of the attacker's most recent attacks.
A flourishing platform for malware and ransomware vendors and buyers, dark web forums are now becoming the 'main-stage' for hackers FAQ. Dark web forums are becoming the most prominent sources for cyber-threat knowledge sharing, attracting hackers as they prepare their next attack.