A growing number of experienced hackers have begun offering structured hacking courses for crooks seeking to make a career in cybercrime.
The courses range from the basics of online fraud to advanced courses on online anonymity tools, botnets, cleaning up electronic evidence and dealing with law enforcement, according to RSA, the security division of EMC Corp.
Often, the courses have a formal curriculum similar to that adopted by legitimate academic institutions, said Limor Kessem, a cyber intelligence expert at RSA, in a blog post Wednesday.
Many courses even have strictly enforced absentee policies where students are required to provide advance notice if they are unable to attend a class, or forfeit part of the fee for a missed session. Some of the courses come with offers to help graduates find jobs with underground cyber communities while in other cases, those teaching the courses vouch for their star pupils via underground channels, Kessem wrote.
The courses are typically advertised in known hacker networks. The classes are usually held via live Skype videoconferencing sessions with “professors” partaking in question-and-answer sessions with their students.
Seasoned hackers have always offered such advice to aspiring cybercrooks, said Berk Veral, senior product marketing manager at RSA. What’s different now is the proliferation of such services, he said. Over the past few months, RSA has observed a sharp spike in the availability of online cybercrime courses, a majority of which appear to be based out of Russia or taught in Russian.
“We used to see one or two people advertising such courses in chat rooms and forums where cyber criminals hang out,” Veral said. The number of such courses has increased significantly, he added. “The courses are much more organized with different curriculums and different courses for different skill levels,” he said.
Some examples of the courses being advertised by cybercriminals include foundational courses that teach “students” the basics of credit and debit card fraud, how to avoid being caught by law enforcement and what information can and cannot be used in court. The price per lecture is typically 2,500 rubles or about $75, according to Kessem.
Many hackers also have begun offering online courses in “carding” techniques, or how to use credit and debit cards fraudulently. The courses, which are extremely popular, point students toward easy targets for carding and provide them with credit card numbers that have been tested and verified as good for use in fraudulent purchases. Advanced curriculums, which typically start at around $50, include a practical session where students are walked through the process of making a fraudulent transaction, Kessem wrote in the RSA blog.
Other courses available in the cyber underground include those that focus on helping aspiring hackers learn how to hide their tracks on a compromised system, how to evade antivirus and firewall tools and how to use proxies, browsers, safe email mailboxes and disposable email to remain anonymous on the Internet. Some classes offer tips on how to build a hacking service and find customers, the RSA blog noted.
What’s interesting about the latest trend is the brazenness with which some of the courses are being offered, Veral said. In the past, hackers used to be much more cautious about whom they dealt with, but the new breed appears somewhat less cautious, he said. “They are taking bigger risks,” probably as a result of the sheer number of people in the hacker underground, Veral said. “It’s not limited to a small group of people now. This whole thing is part of a bigger trend of fraud as a service become more sophisticated day by day.”