Cymmetria's Dark Web analyst recently came across an interesting forum post. Someone identifying themself as a woman posted in a Dark Web forum that they need the help of a professional to hack into a specific (unnamed) hospital's database. The post explains that the woman needs to do this in order to change her own personal records, in an effort to get her kids back from an abusive husband.
The question is: Is this a real, legitimate post or just a 'honeypot' that law enforcement has created in order to catch a hacker? Either way, it doesn't make much sense.
Let's take a look at both options.
If this is simply a naïve woman who really wants help getting her kids back:
- How did this person get to the Dark Web (and especially to a closed forum) in the first place?
- Why did she choose to post in this particular forum? This is the type of forum where hackers try to prove that they're not a 'good guy' (by uploading stolen info, etc.), so it doesn't make sense that someone would post this type of request here. Furthermore, financial gain is usually emphasized in these types of Dark Web forums, so it's strange that the woman is trying to appeal to the hackers' human side.
If it's really a woman and not law enforcement, then she is obviously unaware of the proper etiquette required on the Dark Web. One must get to know the others and gain their trust (so that others on the Dark Web will vouch for them) – not just open an account and start posting to forums after two days.
On the other hand, if this is a post that was planted by law enforcement, it seems they didn't think it through. Forum participants immediately identified the post as 'fishy'; one user even laughed in the poster's face.
If this post was indeed orchestrated by law enforcement:
- Who are they trying to catch?
- Why did they post in such a way that forum participants immediately recognized that something was off? Why would they intentionally want hackers to think that they are law enforcement?
Usually when people think of cybercrime they think of major hacks that bring about large financial gain for the hacker. And for good reason: some hackers hack purely for money and/or glory. This post, however, tries to appeal to hackers' better nature. The job is presented as a vigilante act, with the added bonus of money (rather than monetary gain being the driving force).
Whether or not this post is legitimate, and whether or not it makes sense that it was posted in this manner, it is interesting in that it shows the other side of cybercrime: cybercrime as a tool for personal use.