IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

SQL and DDOS attacks remain priority for hackers

Sensitive data increasingly being gleamed from social networks and through the practice of 'E-whoring', notes Imperva.

Hacking

SQL injection and DDoS attacks are still the main ways in which hackers aim to attack websites.

Nearly one fifth of discussion volume (19 per cent) in a hacker forum comprising of 250,000 members, was dedicated to discussing SQL and DDOS attacks, according to data security firm, Imperva.

SQL injections are currently the top priority for hackers, as security teams and businesses have failed to take precautions to protect themselves, the firm in its Monitoring Hacker Forums report.

Gleaming sensitive information through popular social media networks and the practice of E-whoring are also on the rise.

Facebook and Twitter are the most discussed media platforms in hacker forums taking up 39 per cent and 37 per cent of the discussion time, respectively.

"Facebook and Twitter are on top of that list and with some presence of Myspace and Google + and LinkedIn," Tal Be'ery, web researcher for Imperva, told IT Pro.

"But Facebook and Twitter are at the top because are the most popular [and] therefore the most interesting data can be found there."

E-whoring, the practice of selling pornographic content, is becoming more popular avenue for hackers who exploit men and women. Hackers typically pretend to be women and tempt victims into paying money for 'E-whoring packages' with the promise of pictures and videos.

Hackers aims to attain street cred' in forums by giving aspiring students tips and tricks. As they start to learn more, students are given topic forum-specific codes so that the experienced hacker does not give out vital information about what they know or who they are.

Be'ery added that through the private network within forums, hackers use private messaging, giving certain people authentication privileges or using instant messaging since creating accounts is easily accessible.

Businesses should use CAPTCHA authentication and monitor browser traffic to make sure they are protected from attacks, he added.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022