Sophos, a global leader in innovating and delivering cybersecurity as a service, today announced that it has uncovered how research contests run by cybercrime forums are helping to inspire new methods of attack and detection evasion. The contests mirror legitimate security conference ‘Call For Papers’ and provide the winners considerable financial rewards and recognition from peers and also potential jobs. As outlined in Sophos X-Ops latest report, “For the Win? Offensive Research Contests on Criminal Forums,” these contests are designed to drive innovation, and when analyzed, the entries provide invaluable insight into how cybercriminals attempt to overcome security obstacles.
Despite the long-standing nature of competitions on criminal forums, they have evolved over the years. Early cybercrime contests involved trivia quizzes, graphic design competitions and guessing games. Now criminal forums are inviting attackers to ‘submit’ articles on technical topics, complete with source code, videos, and/or screenshots. Once submitted, all forum users are invited to vote for the contest winner. However, the judging is not completely transparent as the forum owners and contest sponsors have their own votes in the matter.
“The fact that cybercriminals are running, participating, and even sponsoring these contests, suggests that there is a community goal to advance their tactics and techniques. There is even evidence to suggest that these competitions act as a tool for recruitment amongst prominent threat actor groups,” said Christopher Budd, director of threat research, Sophos. “While our research shows an increased focus on Web-3 related topics such as cryptocurrency, smart contracts and NFTs, many of the winning entries had a broader appeal and could be put to practical use, even if they weren’t particularly novel. This may be reflective of the priorities of the community but could indicate that attackers keep their best research to themselves as they can profit more from using them in real-world attacks.”
Sophos X-Ops explored two prominent annual contests: one run by the Russian-language cybercrime forum Exploit, offering a total prize fund of $80,000 to the winner of its contest in 2021, and another run on the XSS forum, with a prize pool of $40,000 in 2022. For several years, prominent members of the cybercriminal community have sponsored these events, including All World Cards and Lockbit.
In the most recent contests, Exploit themed its competition around cryptocurrencies, while XSS opened its contest up to a range of topics from social engineering and attack vectors to evasion and scam proposals. Many of the winning entries focused on abusing legitimate tools such as Cobalt Strike. One runner-up shared a tutorial on targeting initial coin offerings (ICOs) to raise funds for a new cryptocurrency and another on manipulating privilege tokens to disable Windows Defender.
39 comments
Muchas gracias. ?Como puedo iniciar sesion?
I do not even know how I ended up here, but I thought this post was great. I don’t know who you are but definitely you are going to a famous blogger if you are not already 😉 Cheers!
organic cbd oil have been a game-changer for me! They’re opportune, mouth-watering, and a passionate direction to take the benefits of CBD discreetly. I’ve set that they aid me unwind after a long epoch and to remodel my drowse quality. Extra, wily exactly how much CBD I’m getting in each gummy makes it simple to superintend my dosage. If you’re strange about maddening CBD, gummies are a great starting point. Just be certain to choose a reliable maker with high-quality ingredients after the best experience!
I couldn’t resist commenting
very good publish, i certainly love this website, carry on it
My spouse and I stumbled over here coming from a different web page and thought I might check things out. I like what I see so now i’m following you. Look forward to finding out about your web page yet again.
When I originally commented I clicked the “Notify me when new comments are added” checkbox and now each time a comment is added I get four emails with the same comment. Is there any way you can remove people from that service? Appreciate it!
I’m so happy to read this. This is the kind of manual that needs to be given and not the random misinformation that’s at the other blogs. Appreciate your sharing this best doc.
It?¦s actually a nice and useful piece of information. I?¦m happy that you shared this useful info with us. Please stay us informed like this. Thanks for sharing.
naturally like your web site however you need to check the spelling on several of your posts. Many of them are rife with spelling issues and I find it very bothersome to inform the truth however I will surely come again again.
I beloved up to you will receive carried out proper here. The caricature is attractive, your authored subject matter stylish. however, you command get bought an nervousness over that you would like be delivering the following. in poor health definitely come further previously again since exactly the same nearly a lot continuously inside case you protect this hike.
Great wordpress blog here.. It’s hard to find quality writing like yours these days. I really appreciate people like you! take care
Yay google is my queen aided me to find this outstanding website ! .
I have been exploring for a little bit for any high quality articles or blog posts on this kind of space . Exploring in Yahoo I eventually stumbled upon this website. Reading this information So i am glad to convey that I have an incredibly excellent uncanny feeling I discovered just what I needed. I most certainly will make sure to don¦t omit this site and give it a glance on a relentless basis.
Good day I am so happy I found your web site, I really found you by accident, while I was researching on Askjeeve for something else, Nonetheless I am here now and would just like to say thank you for a marvelous post and a all round entertaining blog (I also love the theme/design), I don’t have time to go through it all at the moment but I have book-marked it and also added your RSS feeds, so when I have time I will be back to read more, Please do keep up the fantastic job.
of course like your web site however you need to take a look at the spelling on quite a few of your posts. A number of them are rife with spelling issues and I to find it very troublesome to inform the reality on the other hand I?¦ll surely come again again.
I truly appreciate this post. I?¦ve been looking all over for this! Thank goodness I found it on Bing. You’ve made my day! Thanks again
It’s truly a great and helpful piece of info. I’m glad that you just shared this helpful info with us. Please keep us informed like this. Thanks for sharing.
I think this website has some real superb info for everyone. “Dealing with network executives is like being nibbled to death by ducks.” by Eric Sevareid.
I am not real excellent with English but I get hold this real easygoing to read .
naturally like your web-site however you need to check the spelling on quite a few of your posts. A number of them are rife with spelling issues and I find it very troublesome to tell the reality on the other hand I will certainly come again again.
When I originally commented I clicked the -Notify me when new comments are added- checkbox and now each time a comment is added I get four emails with the same comment. Is there any way you can remove me from that service? Thanks!
It is really a great and useful piece of information. I am glad that you shared this useful info with us. Please keep us up to date like this. Thanks for sharing.
I have recently started a web site, the info you provide on this web site has helped me tremendously. Thanks for all of your time & work.
Would love to perpetually get updated outstanding web blog! .
Great paintings! This is the type of information that should be shared across the internet. Disgrace on Google for not positioning this put up upper! Come on over and visit my website . Thank you =)
Some genuinely fantastic information, Glad I observed this. “The world is the sum-total of our vital possibilities.” by Jose Ortega y Gasset.
he blog was how do i say it… relevant, finally something that helped me. Thanks
Yeah bookmaking this wasn’t a bad conclusion outstanding post! .
I’ve started using CBD gummies like https://www.cornbreadhemp.com/products/full-spectrum-cbd-gummies , and they’ve made a clear-cut disagreement in my routine. They’re easy to use, taste gigantic, and accommodate a comprehensible spirit to incorporate CBD into my day. I’ve found they support me put one’s feet up and improve my catch after a extensive hour, which has been a stupendous benefit. The in keeping CBD dosage in each gummy is a humongous gain for the sake of managing intake. If you’re making allowance for CBD, gummies are an select opportunity to start with—honourable pocket sure you choose a trustworthy brand for the greatest results!
I’ve started using CBD gummies like https://www.cornbreadhemp.com/products/full-spectrum-cbd-gummies , and they’ve made a noticeable disagreement in my routine. They’re easygoing to basis, palate gigantic, and yield a simple spirit to mix CBD into my day. I’ve establish they lift me relax and improve my siesta after a crave day, which has been a gargantuan benefit. The accordant CBD dosage in each gummy is a enormous benefit looking for managing intake. If you’re account CBD, gummies are an remarkable opportunity to start with—legitimate make persuaded you select a loyal name brand for the most outstanding results!
I appreciate, cause I found just what I was looking for. You’ve ended my four day long hunt! God Bless you man. Have a great day. Bye
I keep listening to the news update lecture about getting boundless online grant applications so I have been looking around for the most excellent site to get one. Could you advise me please, where could i find some?
This design is steller! You most certainly know how to keep a reader entertained. Between your wit and your videos, I was almost moved to start my own blog (well, almost…HaHa!) Excellent job. I really enjoyed what you had to say, and more than that, how you presented it. Too cool!
Howdy! This is kind of off topic but I need some advice from an established blog. Is it hard to set up your own blog? I’m not very techincal but I can figure things out pretty fast. I’m thinking about creating my own but I’m not sure where to begin. Do you have any tips or suggestions? Cheers
You can definitely see your enthusiasm within the paintings you write. The sector hopes for even more passionate writers like you who aren’t afraid to mention how they believe. Always go after your heart. “Until you walk a mile in another man’s moccasins you can’t imagine the smell.” by Robert Byrne.
Hey there! I know this is kinda off topic however I’d figured I’d ask. Would you be interested in exchanging links or maybe guest authoring a blog post or vice-versa? My website addresses a lot of the same topics as yours and I believe we could greatly benefit from each other. If you might be interested feel free to shoot me an e-mail. I look forward to hearing from you! Awesome blog by the way!
I truly enjoy looking through on this site, it has good blog posts. “And all the winds go sighing, For sweet things dying.” by Christina Georgina Rossetti.
Perfectly written written content, Really enjoyed looking at.