Malicious hackers... why do they do it?

Biggins

Just curious, I know of three sites in that in the last day or two have been taken off the net by hackers in huge concentrated denial of service attacks.

I know a small few do it for profit, some do it just to see if it can be done but why do some do it just for sheer vandalism reasons?
I mean, if they are that clever to get through firewalls, security and are able to change/hack/etc sites and re-do them - why not instead put those brains of their to good use and make a bit more legit money for themselves.

Just as "thicko" is ripping the phone out of your nearest phone box or knocking seven bells out of someone's car or destroying a bus shelter - what motivates them?
Is it boredom, jealousy, hatred...etc? I scratch me head sometimes in wonder and thats being honest.

Why?

billybigunz

It is good craic ****ing up somebodies day.

indough

probably to show that it can be done and to prove they are the ones capable of doing it

pablomakaveli

It's to compensate for the fact they are virgins with a tiny penis.

epgc3fyqirnbsx

I was actually wondering about this myself lately
They must be twisted bitter little f*cks no different to common vandals, they just use a different platform
I came to the conclusion that they have inferioirty complexes in the real world and overcompensate by having superiority complexes in the virtual world, they feel like gods who corrupt and destroy as they choose for the simple fact that they're unhappy in themselves and unwilling to do anything positive about it.
Thats what I reckon anyways...
Little pr1cks

dotsman

pablomakaveli wrote: »

It's to compensate for the fact they are virgins with a tiny penis.

Definitely on to something here.

Also, one does not need to be intelligent to hack into a website. If one has enough spare time (due to lack of friends/partner/hobbies/life), they can quickly learn how to use few tricks/tools to get past most websites' security (most websites only employ very basic security protocols).

Doyler92

Because they can. Honestly.

indough

i doubt its that easy to attack a popular website, the easier ones are probably only used for learning and practice

it's just another weird subculture ill never understand anyway, ive always imagined them as the same type of people who sit at home self-harming while reading twilight

Herb Powell

Makes me feel like a big man

SugarHigh

It's probably just for a challenge.

On the release of the xbox 360 MS claimed it was unhackable so this of course guaranteed it was hacked within months.

m5ex9oqjawdg2i

I guess they do it for the craic? Recognition? To do it because they can? I doubt they get any financial reward in most cases. Look at activision, or PS3. Their hardware and software is cracked because the companies sometimes claim "this will never be cracked" etc etc, then somebody says "oh yea? Well i'm going to crack it, however long it takes".

What were the sites if you don't mind me asking biggins?

SugarHigh

pablomakaveli wrote: »

It's to compensate for the fact they are virgins with a tiny penis.

The guy who played the main teenager in Dazed and confused was and is a hacker.

He was a movie star in his teens so I can't imagine he had trouble scoring and I doubt he had an inferiority complex so why was he a hacker?

I think it's purely for the challenge by breaking the security on something like the Ipod you are effectively going up against a billion dollar companies security division and seeing if you can outsmart them.

R0ot

Some have political reasons such as the Aussie government sites being nuked by Anonymous for the Aussies proposed 'internet filter'.

Some due to differences in opinion.

Some due to misdirected hatred (Estonia net shutdown)

Some to just get their voices heard, Chinese sites get hit a lot.

Some just to show off to say "I did this".

Why does anybody do anything malicious?

Biggins

Asher Salmon Bugle wrote: »

What were the sites if you don't mind me asking biggins?

Ones that can't be posted here as per the rules.

Corkfeen

I used to be involved in the hacking scene. Alot of the hackers are pretty much pissed off teenagers who probably have an element of compensation going on.:D Some hackers are geniuses and enjoy a bit of good old fashioned Mr Burns Destruction.

But just to point out not all hackers are evil. I know plenty who literally find flaws in the sites and warn the site owner, nice way to make a bit of cash on the side. Some dos attack the crap out of sites because of their agenda (Westboro Baptist Church, Scientology etc....). Too lazy to explain any further.

a5y

Biggins wrote: »

Ones that can't be posted here as per the rules.

I don't suppose you could even describe, in the broadest sense, what the sites were? Because when a site goes down alot of the assumptions I make about who did it and why are based on the content of the site.

For example, if say a politicians site went down in the US and a political site went down in China I'd think very different people for very different reasons were responsible for it. Same goes for warez sites, Twilight fansites whatever.

I'd even imagine its not beyond the resources of well funded groups of all shapes and sizes to have a site DDOS'ed, if they felt it would benefit them. I'd even bet the hackers have business cards and bizarre job descriptions for such.

I could be wrong though. Maybe all those movies are well researched theses on the hacker life.

Biggins

Corkfeen wrote: »

...But just to point out not all hackers are evil. I know plenty who literally find flaws in the sites and warn the site owner, nice way to make a bit of cash on the side. Some dos attack the crap out of sites because of their agenda (Westboro Baptist Church, Scientology etc....). Too lazy to explain any further.

Yea, I get that bit but some are so good at it that genuinely, I think they could make some serious bucks if they put those skills to better use. Thats all.
I can understand some of the reasons, some others sadly however escape me.
I guess I'm just old.

ya-ba-da-ba-doo

Is anyone elses facebook not working at the moment?

drunkymonkey

It's to stick it to 'The Man' !

m5ex9oqjawdg2i

Kasen Sharp Self-restraint wrote: »

I was actually wondering about this myself lately
They must be twisted bitter little f*cks no different to common vandals, they just use a different platform
I came to the conclusion that they have inferioirty complexes in the real world and overcompensate by having superiority complexes in the virtual world, they feel like gods who corrupt and destroy as they choose for the simple fact that they're unhappy in themselves and unwilling to do anything positive about it.
Thats what I reckon anyways...
Little pr1cks

They are pretty intelligent if you ask me.

indough

Biggins wrote: »

I think they could make some serious bucks if they put those skills to better use. Thats all.

they probably do that as well as hacking in their spare time

Biggins

billybigunz wrote: »

It is good craic ****ing up somebodies day.

Sadly, some day it might be yours. How will one feel about it then?
One of mine was hacked recently and information stolen for financial reasons - that I get, but doing it and gaining nothing AT ALL!!!
Strange, just strange.

RoyalMarine

im glad im going into computer security. Id love to make some of these fúck wit's get what they deserve for this nonsense.

Stench Blossoms

Some people are just plain nasty.

Just trying to show that they are 'the man' etc.

There is always more money in hacking though.

Not hacking exactly but what happened in this thread is similar.

a5y

Biggins wrote: »

Sadly, some day it might be yours. How will one feel about it then?
One of mine was hacked recently and information stolen for financial reasons - that I get, but doing it and gaining nothing AT ALL!!!
Strange, just strange.

To the right person that information might be more valuable than credit card numbers.

On the other hand the site might only have been hacked because it used a server with a known vulnerability, and the hacker was really just some 15 year old skiddy who was more or less following a tutorial to try and become a L337 hax0r (Uuugh).

CrazyRabbit

Biggins wrote: »

Just curious, I know of three sites in that in the last day or two have been taken off the net by hackers in huge concentrated denial of service attacks.

I know a small few do it for profit, some do it just to see if it can be done but why do some do it just for sheer vandalism reasons?

I do it to make all you noobs realise that you are indeed noobs. Bask in my awesomeness!

pablomakaveli wrote: »

It's to compensate for the fact they are virgins with a tiny penis.

So very true.

......hey!:mad:

SugarHigh

Biggins are you involved in associated content and affiliate sites?

Biggins

SugarHigh wrote: »

Biggins are you involved in associated content and affiliate sites?

No. I have my own fully legit .ie and .com sites.

dsmythy

What sites have been hit recently?

epgc3fyqirnbsx

Asher Salmon Bugle wrote: »

They are pretty intelligent if you ask me.

I have no doubt they are very intelligent

Keano

Some do it just to be a pain in the ass!

But like everything else there is a financial element towards it. For instance, a hacker will send a email to a website saying if we do not get X amount of cash within in said hours we will take your wesbite down. A lot of companies will pay as they cannot afford to have their site down. Failure to pay could result in the hackers taking the site down and the website losing lots of money and customers.

biko

Usually because they can.

RolandIRL

pablomakaveli wrote: »

It's to compensate for the fact they are virgins with a tiny penis.

what if they're a woman...they've got a tiny vag, the width of a 2c coin? :eek:

bertie4evr

pablomakaveli wrote: »

It's to compensate for the fact they are virgins with a tiny penis.

HEY!:mad:

Biggins wrote: »

Ones that can't be posted here as per the rules.

One wouldn't begin with a D and end in a D would it?;)

Biggins

bertie4evr wrote: »

One wouldn't begin with a D and end in a D would it?;)

That would be one.

Dazd_N_Confusd

For ****s and giggles?

I guess ****ing someone over on the internet isn't as 'bad' as doing it in real life?

RoyalMarine

Dazd_N_Confusd wrote: »

For ****s and giggles?

I guess ****ing someone over on the internet isn't as 'bad' as doing it in real life?

The internet is real life. A lot of companies use the internet to survive. A lot of people use the internet on a daily basis for news, taking to family, taking to co-workers and helping them with everything else in their lives.

The internet is not just porn, social websites and games.

whiteboy

I love hacking peoples computers

Dazd_N_Confusd

RoyalMarineComm wrote: »

The internet is real life. A lot of companies use the internet to survive. A lot of people use the internet on a daily basis for news, taking to family, taking to co-workers and helping them with everything else in their lives.

The internet is not just porn, social websites and games.

Yeah, it's also about illegally downloading huge amounts of music and robbing hard working musicians of their income. I blame Rapidshare!

starbelgrade

The only thing I've ever hacked is phlegm.

RoyalMarine

Dazd_N_Confusd wrote: »

Yeah, it's also about illegally downloading huge amounts of music and robbing hard working musicians of their income. I blame Rapidshare!

why blame a company when its the uploader's who are the one's sharing the files.

rapidshare terms and conditions wrote:

II. Upload Regulations

(1) Basically, users may save any file at RapidShare irrespective of the file format or of the file contents. Excluded, however, are files the possession and/or circulation of which is illegal, such as

* - child pornography content,
* - works the download of which violates third party copyrights;
* - racist or violence-glorifying works,
* - instructions to criminal offences against public peace.

This list is not conclusive.

(2) RapidShare will block access to such contents immediately after obtaining knowledge thereof and will delete them after an examination phase of 14 days. Furthermore, it will delete files which are identical to previously deleted files.

(3) With regard to users who violate these upload regulations, RapidShare is entitled to terminate the contractual relationship without notice , to block the access of the respective users to its services and/or to delete accounts of such users including all contents.

And they do actively delete files!

Dean820

Revenge.

Seaneh

The same reason anyone does Anything!

Seaneh

RoyalMarineComm wrote: »

The internet is real life. A lot of companies use the internet to survive. A lot of people use the internet on a daily basis for news, taking to family, taking to co-workers and helping them with everything else in their lives.

The internet is not just porn, social websites and games.

your own fault imho.

srs bsns

monkeyfudge

I had a page set up as memorial to my best friend who died this time last year. It was sort of an online book of condolences. Wasn't crazy about the idea myself but it was something I was asked to set up...

But it got hacked about 2 months ago, so I just took the whole thing down.

Not sure what thrill the hackers gained out of it.... but they are absolute scum in my book anyway.

MidnightQueen

Its out of complete jelousy too.
A friends site got hacked and deleted last year. After the site got done up again, it took a while for the poor guy to develop an interest in it again. The hackers even threatened his family. How sad is that.

msg11

From Cisco.com. And if you really want to know you will read this;

The Increasing Threat to Security

Over the years, network attack tools and methods have evolved. As shown in the figure, in 1985 an attacker had to have sophisticated computer, programming, and networking knowledge to make use of rudimentary tools and basic attacks. As time went on, and attackers' methods and tools improved, attackers no longer required the same level of sophisticated knowledge. This has effectively lowered the entry-level requirements for attackers. People who previously would not have participated in computer crime are now able to do so.

As the types of threats, attacks, and exploits have evolved, various terms have been coined to describe the individuals involved. Some of the most common terms are as follows:

White hat-An individual who looks for vulnerabilities in systems or networks and then reports these vulnerabilities to the owners of the system so that they can be fixed. They are ethically opposed to the abuse of computer systems. A white hat generally focuses on securing IT systems, whereas a black hat (the opposite) would like to break into them.
Hacker-A general term that has historically been used to describe a computer programming expert. More recently, this term is often used in a negative way to describe an individual that attempts to gain unauthorized access to network resources with malicious intent.
Black hat-Another term for individuals who use their knowledge of computer systems to break into systems or networks that they are not authorized to use, usually for personal or financial gain. A cracker is an example of a black hat.
Cracker-A more accurate term to describe someone who tries to gain unauthorized access to network resources with malicious intent.
Phreaker-An individual who manipulates the phone network to cause it to perform a function that is not allowed. A common goal of phreaking is breaking into the phone network, usually through a payphone, to make free long distance calls.
Spammer-An individual who sends large quantities of unsolicited e-mail messages. Spammers often use viruses to take control of home computers and use them to send out their bulk messages.
Phisher-Uses e-mail or other means to trick others into providing sensitive information, such as credit card numbers or passwords. A phisher masquerades as a trusted party that would have a legitimate need for the sensitive information.


Think Like a Attacker

The attacker's goal is to compromise a network target or an application running within a network. Many attackers use this seven-step process to gain information and state an attack.

Step 1. Perform footprint analysis (reconnaissance). A company webpage can lead to information, such as the IP addresses of servers. From there, an attacker can build a picture of the security profile or "footprint" of the company.

Step 2. Enumerate information. An attacker can expand on the footprint by monitoring network traffic with a packet sniffer such as Wireshark, finding information such as version numbers of FTP servers and mail servers. A cross-reference with vulnerability databases exposes the applications of the company to potential exploits.

Step 3. Manipulate users to gain access. Sometimes employees choose passwords that are easily crackable. In other instances, employees can be duped by talented attackers into giving up sensitive access-related information.

Step 4. Escalate privileges. After attackers gain basic access, they use their skills to increase their network privileges.

Step 5. Gather additional passwords and secrets. With improved access privileges, attackers use their talents to gain access to well-guarded, sensitive information.

Step 6. Install backdoors. Backdoors provide the attacker with a way to enter the system without being detected. The most common backdoor is an open listening TCP or UDP port.

Step 7. Leverage the compromised system. After a system is compromised, an attacker uses it to stage attacks on other hosts in the network.


Threats to Networks

Earlier in this chapter the common computer crimes that have implications for network security were listed. These crimes can be grouped into four primary classes of threats to networks:

Unstructured Threats

Unstructured threats consist of mostly inexperienced individuals using easily available hacking tools, such as shell scripts and password crackers. Even unstructured threats that are only executed with the intent of testing an attacker's skills can do serious damage to a network. For example, if a company website is hacked, the reputation of the company may be damaged. Even if the website is separated from the private information that sits behind a protective firewall, the public does not know that. What the public perceives is that the site might not be a safe environment to conduct business.

Structured Threats

Structured threats come from individuals or groups that are more highly motivated and technically competent. These people know system vulnerabilities and use sophisticated hacking techniques to penetrate unsuspecting businesses. They break into business and government computers to commit fraud, destroy or alter records, or simply to create havoc. These groups are often involved with the major fraud and theft cases reported to law enforcement agencies. Their hacking is so complex and sophisticated that only specially trained investigators understand what is happening.

In 1995, Kevin Mitnick was convicted of accessing interstate computers in the United States for criminal purposes. He broke into the California Department of Motor Vehicles database, routinely took control of New York and California telephone switching hubs, and stole credit card numbers. He inspired the 1983 movie "War Games."

External Threats

External threats can arise from individuals or organizations working outside of a company who do not have authorized access to the computer systems or network. They work their way into a network mainly from the Internet or dialup access servers. External threats can vary in severity depending on the expertise of the attacker-either amateurish (unstructured) or expert (structured).

Internal Threats

Internal threats occur when someone has authorized access to the network with either an account or physical access. Just as for external threats, the severity of an internal threat depends on the expertise of the attacker.

Just too add, before any hacking/attacking takes place. Social engineering is high on the list, and is down on Cisco.com as the number one cause of most hacks, a simple telephone call.

To be 1337.

Dermot Illogical

To be on the news

Seachmall

Some do it for sport, some do it out of boredom, some do it for profit, some do it because they don't like you, your site or 'what you stand for'.

Why do people tag the street? Why do some do photography?

The guys who take down you or your friend's ****ty site? They're probably just practicing. Having a site is like having a house, if you leave the front door and windows open don't be surprised when someone takes your TV.