Taking down teen hackers

One of the reasons why teen hackers are easier to stop than their older, professional counterparts is that most of the kids appear to desire some level of fame and popularity tied to their cyber-crime exploits

While the problem of teen hacking remains a serious concern -- as highlighted in this previous post on the topic -- infiltrating the networks of kids involved in such activity, taking down their malware distribution Web sites, and convincing them to get out of the cyber-criminal game can be relatively easy, according to FaceTime Labs researcher Chris Boyd, better known in online circles under his Paper Ghost screen name.

The emergence of aspiring hackers among the so-called Echo Generation set continues to move forward, the expert said in his presentation at the RSA Conference 2008 on Thursday.

Growing numbers of teens as young as 12 or 13 years old are becoming actively involved in phishing, online credential theft and nefarious adware distribution, according to Boyd, who is one of the only experts on the planet currently looking into the trend.

However, with a little low-tech research and some relatively harmless scare tactics, many of the teen hackers can be driven to stop their illegal behavior, and in some cases even begin helping to prevent other kids from engaging in e-crime activity, the expert maintains.

The Echo hackers typically get started in the underground world by utilizing and distributing malware programs that can be used to steal account credentials tied to online role playing games such as Worlds of Warcraft, said Boyd.

However, many of the teen attackers then move quickly into far more serious activity, such as stealing credentials for social networking sites including MySpace to flood the electronic message boards with inappropriate content, and creating revenue-generating phishing schemes built around legitimate brands such as PayPal, he said.

One of the reasons why teen hackers are easier to stop than their older, professional counterparts is that most of the kids appear to desire some level of fame and popularity tied to their cyber-crime exploits. This lust for recognition often leads to the teens leaving clues to their real world identities throughout their work, making it far easier to track the individuals down, according to Boyd.

In many cases the Echo hackers become involved in groups of like-minded teens to share information about the programs they use and the attacks they've carried out on underground forum sites.

By tracing the details in those forums to their users' MySpace accounts, YouTube videos and other online resources where the individuals may share additional details about their real-world identities, researchers and law enforcement officials can often gather the hackers' real names, geographical locations and the types of crimes they may have committed, simply by using search engines and some straightforward investigative online footwork, the expert maintains.

"There's typically a paper trail of some kind that allows you to track them down in less than ten minutes; and many of them can be dispensed with to the extent that you know that they're not coming back online to do this sort of thing again anytime soon," said Boyd. "There's a lot of information on these sites such that it only takes a little bit of investigation and you can gather a lot of details about these bad guys."

Unfortunately, even when researchers like Boyd can find Echo hackers who are wreaking serious havoc online, getting ISPs and law enforcement officials to intervene, or even pick up the phone and tell them to stop, is often impossible, he said.

As such, Boyd has begun scaring some of the teens offline himself by showing them just how easily he can piece together their real IDs, and provide evidence of the types of crimes they've been committing.

Often times, once the perpetrators realize how easily their work can be traced to their real identities, they apologize for their malicious activities and bail, he said.

In one case, the researcher notified a teen hackers' mother of her son's exploits, and secretly invited her into an IM chat where her son admitted all the details of the schemes that he had been carrying out online. When the mother identified herself at the end of the chat, it was clear that the teen deeply regretted his actions, said the researcher.

In another instance, Boyd threatened to post an embarrassing and decidedly un-hip YouTube video he discovered of an identified Echo hacker onto the underground message boards that the script kiddie frequented, causing the individual to promise to stop his work as long as the clip never made it onto those pages.

One of the most effective techniques that the researcher has isolated for thwarting the teen hackers is identifying the ring leaders of their online forums, taking those hackers to task, then watching the network of sites and followers they are connected to fall apart rapidly.

"Taking out a forum leader and their sites can have a cataclysmic effect, with their followers and the networks of malware sites falling apart quickly thereafter, often times after the other kids involved begin infighting," said Boyd. "The cumulative effect can be huge; sometimes when you take down the main sites repeatedly sites, you can quickly whittle the users they have down from thousands, to hundreds of users, and then slowly kill it altogether over time. You really can learn a lot of things just by chasing these kids around."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Matt Hines

Show Comments

Cool Tech

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Breitling Superocean Heritage Chronographe 44

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?