Hacking guides are cheap, plentiful and out of date
Hacking guides for sale on criminal markets are cheap, plentiful and often only a decade out of date, according to a new report from intelligence firm Terbium Labs.
The big picture: The guides, often sold as giant caches of manuals, are often padded with irrelevant material (one included ''Cabinetry for Dummies," said Terbium VP of Research Emily Wilson), and plagiarism runs rampant. But if you power through the scams and thievery by the vendors, there's plenty of good information on scams and thievery for would-be hackers.
By the numbers:
- Only 5% of the 44,000 individual documents Terbium purchased came from 2018 or later. More than 25% were a decade old, with the bundled documents including a range of files from the 1990s and around 1,000 copies of the same transcription of "The Anarchist's Cookbook."
- Less than a quarter of the files for sale were unique.
- But at an average cost of $0.01 cent per file, nascent fraudsters could afford to be taken for a few rides as long as they find an occasional gem.
Details: "When the guides were current, the techniques would be effective," said Wilson.
- The study looked at both multipacks of guides, which averaged $12.99, and individual files, averaging $3.88 a piece. Cost, said Wilson, was not indicative of quality.
- The quality varied wildly, from short snippets of information to a thorough 40-page guide on doxing.
- Documents sold from multiple vendors contained admonishments not to resell the work. "Oops," said Wilson.
The danger: "One of the things that make these guides dangerous is that they are recipes for digital crime sold alongside the ingredients," said Wilson.
- Don't know where to buy an important component of your scam? Many of the guides contain vendor referrals.
- Packages sometimes included files beyond manuals, like fonts to use in phishing scams.