Black hat hackers on demand
Everybody knows that malicious hacking is illegal, but there are services out there that seem not very concerned with the fact. Some of them have been operating for 3 years now, or so they claim on their website.
Slick Hackers, Your Hackers, Pirate Hackers – no matter the name, they offer the same service: hacking into web-based email accounts or social networks user accounts (Yahoo, Gmail, Hotmail, AOL, MySpace, Facebook, etc.) and providing you with the password.
They even offer proof in the way of screenshots of inboxes, with your test email inside. The price varies from service to service, and ranges from $70 to 125$, but who knows? Maybe they are all one group, with several different fronts. Maybe the bigger price is only there to make you feel better about giving $70 dollars for the information.
According to David Lee Miller, security consultant Kevin Mitnick – yes, the one that used to be a hacker himself – says that in spite of some of them claiming to use proprietary software and methodology, they actually take the social engineering approach.
He set up an email account for a fictitious girlfriend, then asked the hackers to discover the password. But there was another bit of information they wanted from him – the name of a close friend of the girlfriend.
Their next step was to send an email greeting card to the target account, using the name of the friend as the sender. To retrieve the card, the victim gets redirected to the sign on page for the email service that the victim uses. Or so it seems.
The website in question is a fake, and it was made by the hackers so that when the victim enters the username and password again, the information is sent to them. To keep the victim oblivious to the scam, the greeting card is produced.
Aside for all of this being illegal, and the possibility of getting scammed out of your hard-earned cash, there is another danger tied to using such services: you could get blackmailed by the very people you hired. To wrestle you out of an additional sum of money, they can threaten to expose you to the people whose account you have had hacked.
But how do this services manage to still exist? Why doesn’t the police do something about it? The truth is that prosecuting them is a law priority for law enforcement. So says Orrin Kerr, a law professor that used to work as a prosecutor in cyber crime cases. Also, a lot of victims never discover that their accounts have been compromised.