
Star Wars, hackers, and the call of the dark side

Ben, son of Princess Leia and Han Solo, and Albert Gonzalez, convicted hacker, have a lot in common – and we’re not just talking about long curly hair. Both Ben and Albert fell to the seductive power of the dark side of the force; Ben channeling the evil forces of his grandfather Darth Vader while Albert founded the Shadowcrew.com dark web site and misused his hacking abilities to steal credit card information worth millions.

Reality may have a more seductive dark side than Star Wars. After all, Ben never seemed to get beyond destructive teenage tantrums in his fall to the dark side. And he is/was just a fictional movie character. But Albert is real and had extensive hacking skills. His last feat was stealing around 130 million credit card numbers. His work paid off – in the short term – as the authorities dug up a barrel stuffed with $1.1 million in cash from his parents’ backyard. And yes, Albert is now in the middle of a 20-year prison sentence.

I just don’t think that this was the life path parents envisioned when they gave little Albert his first computer at the tender age of eight.

But his tale does show the pull of the dark side. Security researchers try to measure this pull – and they do it in dollars and Bitcoin while tracking the sale price of newly discovered zero-day software vulnerabilities. Because when it comes to making money off new vulnerabilities, hackers have three basic choices. They can try to use it themselves, they can sell it directly to the software companies, or they can sell it on the dark web to someone else who will take over the task of monetizing this discovery.

Here is a current example: A Windows bug went on sale for $90,000 this month on a Russian-language cybercrime forum. It was a second-level software vulnerability called a “local privilege escalation” (LPE), which is paired with another vulnerability to deliver something nasty to the end computer user.

According to KrebsOnSecurity, that type of vulnerability would also qualify for a big reward from Microsoft’s own bounty program. Last summer, Microsoft raised its reward from $50,000 to $100,000 for information about vulnerabilities that can bypass their Enhanced Mitigation Experience Toolkit.

But somehow, the call of the dark side was stronger. While there is a debate over the actual value of this specific zero-day vulnerability, there is no dispute that a thriving market for software vulnerabilities exists. The market encompasses cybercrime forums, exploit brokers, developers, and, yes, hackers.

Yes, the force is with them – and some substantial financial rewards.

Since cybercrime forums and bounty programs, such as Bugcrowd used by Avira, check the individual hacker’s past work and reputation, switching sides can be difficult. But as Kevin Mitnick has shown, it can be done. And to make sure that your computer is protected against those who have fallen to the dark side, keep your software updated with Avira.


As a PR Consultant and journalist, Frink has covered IT security issues for a number of security software firms, as well as provided reviews and insight on the beer and automotive industries (but usually not at the same time). Otherwise, he’s known for making a great bowl of popcorn and extraordinary messes in a kitchen.