With Friends Like These: Hacker Forums Focus on Facebook, Twitter

Photograph by David Paul Morris/Bloomberg

Security firm Imperva found social media sites were a hot topic in hacker forums, including the sale of Facebook "likes."

What do hackers talk about when they think nobody’s listening?

According to a new analysis of 18 hacker forums from around the world, the answer often is: your Facebook and Twitter accounts.

An examination of popular hacker chat rooms by Imperva, a security firm, found that in the past 100 days, there were 800 separate discussions focused on social networks, many dedicated to hacking attacks. That is almost as many as the 1,100 threads for SQL injection, a technique for attacking websites that is “as alpha male as it gets” in terms of aggressive hacking, according to Rob Rachwald, Imperva’s director of security strategy.

While attacks on Facebook and Twitter aren’t new, the level of chatter about them has become surprisingly high, pointing to their growing significance as a source for personal data, photos and financial gain, Rachwald said. And no matter where they live or what language they speak, hackers are increasingly setting their sights on Facebook, which has more than 1 billion users, and Twitter, which has an audience of 140 million people.

Much of the report’s data was drawn from a single hacker forum that has 250,000 members, which Rachwald declined to name. Some of the forums were focused on specific countries or regions, such as Pakistan, Indonesia, Italy and Spanish-speaking regions.

Hacker forums aren’t explicitly dedicated to criminal activity. The chatter ranges from mundane technical matters to advanced discussions. Beginners who are interested in criminal activity can build credibility on some forums to get invited into private chat rooms where serious criminals plan attacks, according to the report.

Not everyone on the forums is a hacker. The report highlighted one message from someone who sought help in hacking into a boyfriend’s Hotmail and Facebook accounts. In another instance, someone was offering 100,000 Twitter followers — and boasting a “mix between real and fake accounts, all with avatars!” — for $72.

What do you think about this article? Comment below!