Hacking Tool Downloads Jump in First Half of 2021

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360

The hacking tools in wide circulation are surprisingly capable.

A new HP report shows a 65% increase in the use of hacking tools downloaded from underground forums and filesharing websites during the first half of 2021 compared to the second half of 2020.

The HP report also shows a significant increase in the frequency and sophistication of cybercrime activity. The data was gathered within HP Wolf Security customer virtual machines during the first half of this year.

The hacking tools in wide circulation are surprisingly capable, according to HP. For example, one tool can solve CAPTCHA challenges to perform credential stuffing attacks against websites.

More broadly, the report found cybercrime is more organized than ever. Underground forums provide a perfect platform for threat actors to collaborate and share attack tactics, techniques and procedures.

Surprisingly Low Detection

HP's Alex Holland

HP’s Alex Holland

Alex Holland is senior malware analyst at HP.

“One of the more surprising findings was seeing how effective obfuscation can be at evading traditional detection technologies,” he said. “In March, we investigated a multi-stage obfuscated Visual Basic Script malware campaign that targeted senior business executives. An initial malicious script was used by the attacker to establish persistence on the victim’s computer and deliver secondary stages of malware. What surprised us was the low detection rate of the malware, with only 21% of antivirus scanners on VirusTotal detecting it as malicious at the time.”

The increase in hacking tool downloads likely points to growing attacker intent and capability, Holland said.

“The cybercrime ecosystem today is driven by ransomware affiliates, who have created demand for specialized services needed to conduct successful attacks, such as initial access to networks and malware distribution,” he said. “We believe this demand is having the effect of encouraging more financially-motivated criminals into cybercrime, feeding into increased levels of attacker desire and the expectation that attacks will succeed.”

Notable Threats

Among key findings in the HP report:

  • Cybercriminal collaboration is opening the door to bigger attacks…