Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Underground Hacking Economy

Posted by Soulskill on from the sunlight-is-a-distraction dept.

Fast Company profiles the rise of sites like Hackers List and Hackers For Hire, which provide consolidated markets for people to hire hackers to break passwords, alter databases, learn to operate malware, and more. People with the skills to circumvent security are putting themselves out there as freelancers for specific tasks, and people in need of their services are posting notices asking for help. Law enforcement agencies are warning about this new type of behavior, saying it's often illegal, and facilitated by online anonymity and cryptocurrencies like Bitcoin. The number of deals currently being made through these sites remains small, but it's growing — particularly among business seeking to gain an advantage over competitors in other countries.

29 comments

  1. Stop it already by ArcadeMan · · Score: 4, Informative

    ...facilitated by online anonymity and cryptocurrencies like Bitcoin.

    You mean the same anonymity that allows anyone to check all transactions ever done on a Bitcoin* wallet?

    * and other similar crypto-currencies as well.

    --
    Get free satoshi (Bitcoin) and Dogecoins
    1. Re:Stop it already by NotInHere · · Score: 1

      What does anonymity have to do with fully transparent accounts?
      The anonymity adding difference between bitcoin and traditional online banking is, that you don't have to go to the bank with your ID to open an account. In theory, that *is* anonymity. But at the interface between bitcoins and RL money it can be made non-anonymous.

    2. Re:Stop it already by Anonymous Coward · · Score: 1

      Anonymity doesn't mean untraceable.
      The identity of a wallet holder is unknown even if the transactions of that wallet are public knowledge, at least until the transactions can be traced to specific hardware or a particular delivery point.

    3. Re:Stop it already by Anonymous Coward · · Score: 3, Informative

      The ironic thing is that there are a lot of BitCoin apps which the first thing they demand is access to your bank account before they even think of letting you create a wallet. Yep, anonymity there.

      BitCoin isn't anonymous:

      1: Moving currencies to and from BTC is obvious, (bank shows 50 quatloos exchanged to BitCoins and the proceeds moved to wallet "X". Time to watch wallet "X" and follow the trails, busting everyone who receives currency from what wallet.)

      2: You have to run the entire blockchain, all 40+ gigs of it every time you process every single transaction. Yes, there are shortcuts... but you then leave yourself open to double spending attacks.

      3: Converting BTC to a usable currency also rings alarm bells, and LEOs can just wait for someone with the above wallets who received money from the person in item #1, then bust them.

      BitCoin has its uses though:

      1: Once a transaction happens, people who got paid stay paid. No chargebacks, no finding that later on, your BitCoins were counterfeit (assuming a blockchain run was done to protect against double spending.)

    4. Re:Stop it already by NotInHere · · Score: 3, Informative

      So I just don't install that crappy app. That's no argument.

      You don't have to make a full blockchain run for every transaction. If you have enough transactions, you can also make a list with valid/invalid wallets and their balance and use that to tell whether transactions are valid.

    5. Re:Stop it already by penguinoid · · Score: 1

      Like how I'm not anonymous because anyone can trace all posts made by penguinoid? And Anonymous Coward isn't anonymous either, because there's a record of every post they made?

      Anyone serious about their anonymity will be careful how they use their Bitcoins.

      --
      Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
    6. Re:Stop it already by KGIII · · Score: 1

      When BC first started out I set up a mining box and let it run headless for months. I ended up with forty-something BC. Because of the connotations now implied with them (as incorrect as they are) I do not want to spend them with anything attached to my name as I am a fairly reputable person. So, well, does anyone know of a decent NPO that accepts BC as donations? I want to be able to verify how much of the donations go to actual causes rather than paying the salary of executives and workers. There is a reasonable percentage for overhead. When only 10% (or less) goes to the cause it seriously should have had its NPO status revoked long ago.

      --
      "So long and thanks for all the fish."
    7. Re:Stop it already by afeeney · · Score: 3, Informative
      In the United States, at least, you can get any nonprofit's 990 form, either on their website or at www.guidestar.org. The 990 lists how much the top executives make, who their top vendors are, and how their budget gets spent.

      Depending on the organization's lifecycle and purpose, about 15-20 percent of the budget on overhead is normal. A very new nonprofit has to spend a lot more on outreach and fundraising, as would a nonprofit that's raising funds for a major capital project.

      I've found one of the most telling signs is a big gap between the CEO's salary and that of the next highest-paid staff. Unless there's some obvious reason (the CEO is the only full-time employee), that's the sign of a big CEO ego and a weak board.

      The CEO and upper exec salaries should reflect their real market value, including the perks of the nonprofit sector. Most CEO turnover in the nonprofit world is voluntary, for example. In addition, the CEO of an organization with a lot of independent chapters has a lot less to do with their revenue stream than the CEO of one that's highly controlled from the parent organization.

      Unless the organization is doing fundraising for a capital campaign, there shouldn't be big payments to professional fundraisers, compared to total income. Big consultant fees are another warning sign.

    8. Re:Stop it already by ArcadeMan · · Score: 4, Funny

      Or you could just send your Bitcoins to me... 18LQHMjKSCSU3g4f29TfmtfxHXUfnh7juB

      Thank you in advance for any amount. Even 1/10th of a Bitcoin would be extremely appreciated.

      --
      Get free satoshi (Bitcoin) and Dogecoins
    9. Re:Stop it already by KGIII · · Score: 1

      Thank you very much. The only sites I knew of were:

      http://www.charitynavigator.or...
      https://www.charitywatch.org/

      It is amazing how many egregious NPOs are out there and even more amazing how many people do not pay attention to this. Chances are that if they are paying a huge sum of money to buy expensive ads and then place those ads then they are not a very good charity. So, if you are seeing them advertise on all the channels during prime slots there is probably no reason to donate to them, they can use the ad money to further their cause. (This is not exactly true in all cases and it may be different as I have not watched television in a number of years.)

      I tend to donate "in the name of" and oft use the name of the site that I got the idea from. Thus this donation would be in the name of Slashdot members and so I like to ensure such donations go to good causes. Not too many people like them here but I am thinking that the Bill and Melinda Gates Foundation is a good cause but I doubt they take BC. EFF is a good cause too but I am not sure how they spend their cash so I will check into that.

      Anyhow, do you have a charity in mind that you prefer? It is going to be, sort of, in your name too. They have to accept BC obviously. The total current value is a little over $11,000 (I have 48 of them, I checked) so it is not an insignificant sum to some folks. I think it would make somebody's day to see that message in their inbox. Also I am a bit shocked at how much they are worth. It is less than they were worth the last time I checked but it is still worth a lot more than the time and electricity I put into it. I am sure that this is because I did this within, literally, a month of them coming out with the software and whatnot. And, no, I am not going to give it to Dice.

      --
      "So long and thanks for all the fish."
    10. Re:Stop it already by Anonymous Coward · · Score: 0

      Anonymity doesn't mean untraceable.
      The identity of a wallet holder is unknown even if the transactions of that wallet are public knowledge, at least until the transactions can be traced to specific hardware or a particular delivery point.

      The thing is the transaction record is adequate to link a wallet to a person in most cases and when it isn't a honeypot or sting operation can make it adequate.

      In practice BTC is not anonymous.

  2. This sounds like... by RavenLrD20k · · Score: 2

    This sounds like a plot straight out of one of my cyberpunk/shadowrun gaming sessions. Speaking of which, it's been a while since I've played Uplink.

  3. Enlightening by ArhcAngel · · Score: 2

    So THAT'S why Justin Long has been eerily quite on the silver screen lately.

    --
    "A person is smart. People are dumb, panicky dangerous animals and you know it." - K
    1. Re:Enlightening by Anonymous Coward · · Score: 0

      eerily quite what?

    2. Re:Enlightening by Anonymous Coward · · Score: 0

      I think he meant earily quiet.

  4. online anonymity by fustakrakich · · Score: 2

    If it existed that would be great! Circumvention is not always a bad thing.

    --
    “He’s not deformed, he’s just drunk!”
  5. deres haxx0rs in dere m4rk3tz by Anonymous Coward · · Score: 2, Insightful

    because, you know, smearing the maker movement with juvenile crap is what the security industry is all about

  6. Your ignorance is glowing. by evilrip · · Score: 0, Troll

    a) hackers rule b) hackers rule c) take your ignorant, non-coding, lazy ass, no good bullshit criminal 4 hire lists and shove them. Seriously though, you do realize we built this place(the internet, this site, probably the computer you are using now, etc), and you confusing 'hacker' with criminal is starting to border on the absurd, so i think from now on all non-hacking geeks are simply know as pedophiles. how do you like them apples, pedophile?

    --
    "To err is human, to forgive, beyond the scope of the Operating System"
  7. The Underground Slashdot Economy by Khyber · · Score: 2

    http://slashdot.org/submission...

    http://slashdot.org/submission...

    http://slashdot.org/submission...

    Welcome to being utilized as a herd of sheep, people.

    --
    Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    1. Re:The Underground Slashdot Economy by KGIII · · Score: 1, Funny

      As you, yourself, post here as one of the sheep you decry... We all know about this. Your blathering is not helping. Take your stuff off SF. Oh, wait, you do not have anything up at SF and just want to whine so you can boost your ego and feel good about yourself though you have done nothing to help. A shallow life must be depressing.

      --
      "So long and thanks for all the fish."
    2. Re:The Underground Slashdot Economy by Khyber · · Score: 1

      "Take your stuff off SF. Oh, wait, you do not have anything up at SF"

      I did take my stuff off of SF. About three years ago. Oh, wait, you're just as ignorant as everyone else! Welcome to the sheep herd!

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    3. Re:The Underground Slashdot Economy by Anonymous Coward · · Score: 0

      I am not ignorant about the situation that has your panties in a knot. I just do not dwell on it nor do I run to every thread and piss in it.

      KGIII

      I have hit my daily posting limit so AC is required. /. is also an absolutist ninny, I find that to be more objectionable.

    4. Re:The Underground Slashdot Economy by Khyber · · Score: 1

      The fact your account has a daily posting limit says it all.

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
  8. Attack on Rutgers University by Anonymous Coward · · Score: 0

    A friend of mine who is an undergraduate at Rutgers University says the at the end of the semester, DDOS attacks forced Rutgers off the internet, right when he and others needed it most to complete assignments. He also said that responsibility was claimed by a hacker who was paid to do this by another student at Rutgers, paid in Bitcoins.

    1. Re:Attack on Rutgers University by k6mfw · · Score: 3, Insightful

      DDOS attacks forced Rutgers off the internet, right when he and others needed it most to complete assignments.

      sure glad I graduated before realtime access to the internet was necessary to finish assignments. Back then all I needed was a lot of hot coffee.

      --
      mfwright@batnet.com
  9. Re:Malware by Anonymous Coward · · Score: 0

    Why won't slashdot cover the sourceforge malware scandal? Oh, yeah, that's why. SHAME ON YOU DICE!

    You've been spamming every single article today with a completely off topic comment. You're doing way more harm to your story's reputation than you are helping it - this belongs on a blog or something, not in the comments section of another story.

  10. Re:Malware by Falos · · Score: 1

    If (benefit of doubt) Dice is somehow bullshit, who do you think needs to know? A: Dice users.

  11. Re:Malware by Anonymous Coward · · Score: 0

    If (benefit of doubt) Dice is somehow bullshit, who do you think needs to know? A: Dice users.

    We all know Sourceforge puts adware and the like into their custom installers, it's why nobody uses them. You're telling us something that anybody who has ever tried to use these custom installers knows about, but apparently you didn't find it interesting three years ago. Furthermore, it's completely unrelated to the topic at hand. Would you like me to tell you about all the exciting developments in Ukranian ethnology? That has about as much relevance to this article as your story does.