
Arrests Offer Glimpse Into Hacker Culture

There’s a wealth of information out there for hackers, or “black hats,” as they are also called. The arrest last Thursday of alleged Zotob writer Farid Essebar, 18, who went by the name Diabl0, has shed some light on the thriving underground culture, but much remains a mystery.

The hacker underworld in which Essebar participated comprises numerous informational and networking resources — and not all come from the world of virus writing and malware design.

“In general, black hats learn their tricks the same way that everybody else does: through a network of informational Web sites, magazines, conventions and advice from peers. There’s even hacker radio,” Ed Moyle, president of SecurityCurve, told TechNewsWorld.

Hacker Conventions, Community

Moyle listed the 2600 print magazine, The Hacker Quarterly, Phrack eZine and 2600’s “Off the Hook” radio show as well-known sources of hacker information and support.

Defcon, which held its 13th annual conference in July in Las Vegas, and Hackers on Planet Earth (HOPE), which holds a conference about every other year, are both geared toward the hacking community.

But hackers don’t just hold their own conventions — they often attend those of IT security experts.

“There’s also usually a black hat contingent at most mainstream security conferences. Since information security and hacking are two sides of the same coin, many hackers go to security conferences and many security professionals go to hacker events — neither community seems to mind,” Moyle said.

Telltale Sign

Atilla Ekici, who used the nickname “Coder” and was arrested the same day as Essebar, is suspected of being part of a credit card fraud ring in Turkey. Authorities there are now investigating 16 more suspects and a potential connection between hackers and scammers.

Malware experts at Sophos believe that the teen-age Essebar may have created as many as 20 variants of the bot worm that infected Windows systems of major corporations and media outlets two weeks ago. That belief is based on a “signature” left within the code, but even that is not proof positive, one analyst said.

“In addition to Zotob, Diabl0 is probably the author of some Mytob variants and some MyDoom variants,” Moyle said. “It’s a bit unclear which ones he is or isn’t responsible for, because although the moniker ‘Diabl0’ is embedded in much of the malware (probably an Essebar calling card), the source is available on the Internet, and that makes it difficult to know which variants are him and which are just copied and pasted versions with the calling card accidentally left in.”

For Money or Pleasure?

Essebar is suspected of selling his worm for a profit, but Moyle speculated that there are many other reasons hackers ply their trade.

“Some just find it to be an interesting topic … they would never go out of their way to cause damage to anybody,” Moyle said. “A number of security professionals, for example, first became interested in the topic by reading information about hacking, phreaking (hacking with telephones), reverse engineering or malware authoring.”

“There are other people who do it because they get a power trip from being able to cause damage or gain control of other people’s machines,” the analyst continued. “And then there are other people who enjoy the feeling of community — the hacker scene is a very inclusive subculture, albeit less so now than it used to be.”

2 Comments

  • Criminals are ***not*** part of the Hacker community. The Hacker Quarterly makes that quite clear every time some idiot sends in a letter asking for information on how to hack their grades, steal something, deface anything, etc. I suspect that is also the case of the other magazines. Let's be real clear. There is no such thing as a black hat hacker. That is a fiction invented by Hollywood, who have falsely portrayed the movement that led to the PC, Apple and many other major improvements to technology, as well as new ones. If they break the law, they have no right to the name. Such people are ‘criminals’, not ‘hackers’, so stop @[email protected]#$ making us all look bad by claiming they are. Just because criminals can misuse what the real hacker community discovers no more makes them a hacker than someone buying an AK-47 from a gun collector makes them a US Marine.
