Inside Cybercrime Tournaments: Players, Incentives, and Impact on Security

Cybercrime competitions are an intriguing trend taking place in the murky depths of cybercrime forums and the cryptic reaches of the deep web.

Hackers, security aficionados, and wannabe cybercriminals breed in these competitions, which serve as both battlefields and breeding grounds.

In this report, we delve into the realm of cybercrime tournaments, exposing their characteristics, the variety of players they draw, the alluring incentives that drive them, and the significant repercussions they have for cyberwarfare and digital security.

Nature of the Cybercrime Games, Contests, and Competitions

Sophos, a prominent global cybersecurity solutions provider, utilized its cross-domain threat intelligence unit, Sophos X-Ops, to investigate research contests held within cybercrime forums.

This investigation revealed the active involvement of highly skilled individuals in cybercrime writing competitions.

Criminal organizations are always on the lookout for new members to strengthen their ranks. As a result, they were discovered to be funding anonymous writing contests for individuals who could provide 7000-character articles with relevant pictures, source codes, and videos for the best outcomes.

The Russian language boards Exploit and XSS frequently hosted cybercrime competitions. Annual writing competitions for hacks and exploits are held here, and they frequently award cash prizes in addition to the chance to collaborate with hackers.

Participants of Cybercrime Forum Competitions

Different names of hackers come up on the deep and dark web every day who name and shame companies after breaching their systems. The guidance to young and professional IT talents to join cybercrime competitions can make way for increased interest.

Moreover, certain users who may have been rejected from their jobs or were not selected to work at all for race, disability, age, etc., can be pushed to underground activities for money and recognition.

Details About Offensive Research Contests

These were the details of a cryptocurrency contest found on Exploit in 2021 –

1. A prize of $80,000 USD was offered for the winners.
2. Participants needed to write plagiarism-free articles.
3. The results were based on votes from the community members.
4. Participants were asked to write about vulnerabilities and non-standard ways of extracting private keys.
5. Automation of payments, and payment management.

A contest on XSS asked users the following questions –

1. Pinning user on Windows and Linux in kernel mode
2. Working with 0 or 1-day exploits for Windows and Linux
3. Malware creation and modifying codes
4. Exploitation of vulnerabilities and bypassing software security
5. Privilege escalation, working after exploitation

With these capabilities encouraged in cybercrime forum contestants, it becomes imperative that each user regardless of their role or profession takes online security seriously and follows cyber hygiene without excuse.

Sponsors of the Cybercrime Competitions and Contests

Prominent cybercriminal gangs were sponsoring dark web competitions. LockBit ransomware group was among those who participated as a sponsor. Another group, All Worlds Cards was a past sponsor of Exploit and XSS.

A user called Cryptomaniac sponsored a sum of $15,000 on the latest Exploit contest.

Threat Hunting or Talent Hunting the Need of the Hour?

At a time, Exploit received 35 participants while XSS had over 38 individuals try their luck in offensive games on the criminal forums.

The results included Honorable mention for participants who could create a simple library for developers, make an article on mass-scanning for Bitcoin, and discuss parsing logs likely from infostealers and others.

In an international cyber takedown, Qakbot malware infrastructure was disrupted by legal agencies. It was used to exploit over 700,000 systems, deploy ransomware, and cost millions of dollars in damages.

The defense agencies are hard at work disrupting infrastructures and arresting cybercriminals. In another successful operation, a team of legal agencies seized the LolekHosted.net domain which was a bulletproof hosting service to launch cyber attacks.

However, the arrest of the likes of Arion Kurtaj (18) and his accomplice (17) makes one wonder if hacking Uber, and Nvidia and being a part of cybercrime was the only option for them. They both have Autism and were considered unfit for trial by a team of psychiatrists.

Keeping the circumstances in view, the increasing number of hackers and the impact their impact on the digital ecosystem, it is time to assess where to begin policing.

Whether it should be by catching amateur hackers who find opportunities in similar cybercrime competitions to later become a part of the larger cybercrime groups or to foster talent and guide students to be on the right track.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.