Litcius/Paper detail

An exploration of the cybercrime ecosystem around Shodan

Maria Bada, Ildikó Pete

202021 citationsDOI

Abstract

Discussions on underground forums provide valuable insights to hackers' practices, interests and motivations. Although Internet of Things (IoT) vulnerabilities have been extensively explored, the question remains how members of hacker communities perceive the IoT landscape. In this work, we present an analysis of IoT related discussions that are potentially cybercriminal in nature. In particular, we analyse forum threads that discuss the search engine Shodan. The source of these posts is the CrimeBB dataset provided by the Cambridge Cybercrime Centre (CCC) <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">1</sup> . We analyse 1051 thread discussions from 19 forums between 2009 and 2020. The overall aim of our work is to explore the main use cases of Shodan and highlight hackers' targets and motivations. We find that Shodan is versatile and is actively used by hackers as a tool for passive information gathering providing easier access to hackable targets. Our results suggest that Shodan plays a prominent role in various specific use cases including remote control of target devices, building botnets, Distributed Denial of Service attacks and identifying open databases.

Topics & Concepts

HackerCybercrimeComputer scienceWorld Wide WebBotnetDenial-of-service attackComputer securityInternet of ThingsInternet privacyThe InternetMalwareNetwork Security and Intrusion DetectionAdvanced Malware Detection TechniquesSpam and Phishing Detection
An exploration of the cybercrime ecosystem around Shodan | Litcius