Hacking courses offer cybercrooks tips on how to hone skills
Subjects range from basic fraud to managing botnets and evading arrests, RSA says
Computerworld - A growing number of experienced hackers have begun offering structured hacking courses for crooks seeking to make a career in cybercrime.
The courses range from the basics of online fraud to advanced courses on online anonymity tools, botnets, cleaning up electronic evidence and dealing with law enforcement, according to RSA, the security division of EMC Corp.
Often, the courses have a formal curriculum similar to that adopted by legitimate academic institutions, said Limor Kessem, a cyber intelligence expert at RSA, in a blog post Wednesday.
Many courses even have strictly enforced absentee policies where students are required to provide advance notice if they are unable to attend a class, or forfeit part of the fee for a missed session. Some of the courses come with offers to help graduates find jobs with underground cyber communities while in other cases, those teaching the courses vouch for their star pupils via underground channels, Kessem wrote.
The courses are typically advertised in known hacker networks. The classes are usually held via live Skype videoconferencing sessions with "professors" partaking in question-and-answer sessions with their students.
Seasoned hackers have always offered such advice to aspiring cybercrooks, said Berk Veral, senior product marketing manager at RSA. What's different now is the proliferation of such services, he said. Over the past few months, RSA has observed a sharp spike in the availability of online cybercrime courses, a majority of which appear to be based out of Russia or taught in Russian.
"We used to see one or two people advertising such courses in chat rooms and forums where cyber criminals hang out," Veral said. The number of such courses has increased significantly, he added. "The courses are much more organized with different curriculums and different courses for different skill levels," he said.
Some examples of the courses being advertised by cybercriminals include foundational courses that teach "students" the basics of credit and debit card fraud, how to avoid being caught by law enforcement and what information can and cannot be used in court. The price per lecture is typically 2,500 rubles or about $75, according to Kessem.
Many hackers also have begun offering online courses in "carding" techniques, or how to use credit and debit cards fraudulently. The courses, which are extremely popular, point students toward easy targets for carding and provide them with credit card numbers that have been tested and verified as good for use in fraudulent purchases. Advanced curriculums, which typically start at around $50, include a practical session where students are walked through the process of making a fraudulent transaction, Kessem wrote in the RSA blog.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Cybercrime and Hacking White Papers | Webcasts