IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Number of hacking tools increasing as cyber criminals become more organized

HP report finds that latest tools can overcome CAPTCHA challenges

There has been a significant increase in the frequency and sophistication of cyber crime activity, and it is only going to get worse, according to a new report.

The latest global Threat Insights Report from HP found the use of hacking tools downloaded from underground forums and file sharing websites increased by 65% s from H2 2020 to H1 2021. 

The report said the increase may indicate a boost in attacker intent — the desire to perform attacks and the expectation they will succeed. It also points to the widespread availability of hacking tools within the cyber crime ecosystem.

The report added that a big driver of why hacking tools are so easy to obtain is widespread malware piracy or “cracking.” This enables anyone to use tools without payment — even if developers intended otherwise.

Researchers said hacking tools in wide circulation were surprisingly capable. One example of this was a hacking tool to solve CAPTCHA challenges using computer vision techniques, namely optical character recognition (OCR), to perform credential stuffing attacks against websites. 

The report said cyber crime is more organized than ever, with underground forums providing a perfect platform for threat actors to collaborate and share attack tactics, techniques, and procedures.

“The proliferation of pirated hacking tools and underground forums are allowing previously low-level actors to pose serious risks to enterprise security,” says Dr. Ian Pratt, global head of security, personal systems, HP Inc. “Simultaneously, users continue to fall prey to simple phishing attacks time and time again. Security solutions that arm IT departments to stay ahead of future threats are key to maximizing business protection and resilience.”

The report also found cyber criminals are collaborating more to launch bigger attacks on victims. Dridex affiliates are selling access to breached organizations to other threat actors so they can distribute ransomware. The drop in Emotet activity in Q1 2021 has led to Dridex becoming the top malware family, the report said.

Information stealers have also launched nastier malware. CryptBot malware – originally used as an infostealer to siphon off credentials from cryptocurrency wallets and web browsers – is also being used to deliver DanaBot – a banking trojan operated by organized crime groups. 

Related Resource

Preparing for AI-enabled cyber attacks

MIT technology review insights

AI icon against a laptop icon on a yellow background - whitepaper from DarktraceDownload now

“The cyber crime ecosystem continues to develop and transform, with more opportunities for petty cyber criminals to connect with bigger players within organized crime, and download advanced tools that can bypass defenses and breach systems,” observed Alex Holland, senior malware analyst, HP Inc. 

“We’re seeing hackers adapt their techniques to drive greater monetization, selling access on to organized criminal groups so they can launch more sophisticated attacks against organizations. Malware strains like CryptBot previously would have been a danger to users who use their PCs to store cryptocurrency wallets, but now they also pose a threat to businesses. We see infostealers distributing malware operated by organized criminal groups – who tend to favor ransomware to monetize their access.”

Featured Resources

Join the 90% of enterprises accelerating to the cloud

Business transformation through digital modernisation

Free Download

Delivering on demand: Momentum builds toward flexible IT

A modern digital workplace strategy

Free download

Modernise the workforce experience

Actionable insights and an optimised experience for both IT and end users

Free Download

The digital workplace roadmap

A leader's guide to strategy and success

Free Download

Recommended

HackerOne employee fired for using position to steal bug bounties
Security

HackerOne employee fired for using position to steal bug bounties

4 Jul 2022
LockBit 2.0 ransomware disguised as PDFs distributed in email attacks
Security

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022
Protecting healthcare from cybercrime
Whitepaper

Protecting healthcare from cybercrime

25 May 2022
The truth about cyber security training
Whitepaper

The truth about cyber security training

25 Apr 2022

Most Popular

Raspberry Pi launches next-gen Pico W microcontroller with networking support
Hardware

Raspberry Pi launches next-gen Pico W microcontroller with networking support

1 Jul 2022
Universities are fighting a cyber security war on multiple fronts
cyber security

Universities are fighting a cyber security war on multiple fronts

4 Jul 2022
Hackers claim to steal personal data of over a billion people in China
data breaches

Hackers claim to steal personal data of over a billion people in China

4 Jul 2022