Dark web forum reveals 5 Cybersecurity Trends for 2024

Every year experts at NordVPN predict the cybersecurity risks awaiting us in the next year. This year they decided to take a different route, looking at the biggest dark web forum to find out the trending topics among the world’s hackers.

“Every year we try to predict sophisticated attacks from experienced hackers, who mostly target businesses or influential people,” says Marijus Briedis, a cybersecurity expert at NordVPN. “This year’s approach helped us realise that regular internet users are often attacked by amateur hackers who are still developing their craft. They can also cause a lot of harm to their victims so users need to be informed about their plans.”

Here are the top five NordVPN cybersecurity predictions for 2024:

Deepfakes drawn into the mainstream

The most commented threads on the forum included those about leaked images from OnlyFans, Instagram, and other content-sharing platforms. These threads received about 1,850 comments and were among the most discussed on the forum.

“Next year we will see even more attacks where pictures of naked people will be leaked,” says Briedis. “Another route criminals will take is to use AI or deepfake technology to create fake nudes from ordinary pictures in order to trick their buyers – so any image-sharing site will be a target.”

To avoid having pictures leaked online, Briedis recommends not sending images through social media and using encrypted cloud solutions when sharing photos.

AI will be a hacker’s best friend

Hacked ChatGPT accounts and tutorials on using AI for attacks are very popular among hackers. This not only means that AI users are on their radar, but hackers are learning how to use advanced technology to increase the capacity of their work and make their job easier, quicker, and more effective.

“Using AI tools will help automate a significant portion of phishing attacks, making it highly likely these attacks will continue to increase, posing significant cybersecurity threats,” says Briedis.

He also mentioned that users who are unsure they can spot phishing emails should use browser extensions like Sonar, specifically designed to sniff out scam emails created by machines.

The cybercrime side hustle

One in ten posts on the forum were about learning how to execute some form of cyberattack. Among the most commented threads were: “How to dox” (reveal and circulate information about someone online); “List of useful resources for pentesters (people who carry out simulated cyber attacks, usually on businesses) and hackers”; “How to hack WhatsApp of your friend by sending a single link”; “How to instantly crack TikTok accounts easily” and “WiFi hacking course”.

“This demonstrates that professional hackers are sharing their knowledge beyond their peers – for a price,” says Briedis. “As a result we can expect the number of amateur hackers to rise along with a growth in attacks. Users will find themselves in the line of fire more often in 2024 so keeping their devices updated and protected will be a priority, as well as keeping themselves informed about the latest types of attack.”

Customer data is the biggest show in town

Researchers found that more than half (55%) of Dark Web discussion threads were around leaked customer data, such as social media credentials, drivers’ licences, addresses, emails, and other bits of personal information.

“Hackers may be constantly upgrading their methods but when it comes to prizes, personal data is still their bread and butter,” says Briedis. “Everyone is at risk but taking some straightforward safety precautions like the use of MFA (multi-factor authentication) wherever possible, will make you a far less viable target.”

Biometrics bypassed

Many platforms now offer biometric authentication as an enhanced safety feature for their users. However, the Dark Web research showed that hackers have already learned how to evade some common biometric authentication methods, such as the “selfie verification” that some crypto platforms use. The thread explaining how to bypass this feature had more than 200 comments.

“Biometrics will surely be a part of authentication in the future, but only if it is part of a multi-factor approach,” says Briedis. “On its own, biometric authentication will be easily bypassed in 2024, which will lead to the appearance of more layered forms of security to protect online accounts.”

One of the latest developments in the sphere has been passkey technology. A passkey is a pair of related keys: public and private. Public and private keys do not work without one another and therefore are useless to hackers. Moreover, the passkey on your gadget (private key) cannot be accessed without biometric identification (of the device’s owner) or a PIN, which adds extra protection.

Dec 6, 2023Chris Price

For latest tech stories go to TechDigest.tv

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__atuvc	1 year 1 month	AddThis sets this cookie to ensure that the updated count is seen when one shares a page and returns to it before the share count cache is updated.
__atuvs	30 minutes	AddThis sets this cookie to ensure that the updated count is seen when one shares a page and returns to it before the share count cache is updated.

Cookie	Duration	Description
at-rand	never	AddThis sets this cookie to track page visits, sources of traffic and share counts.
disqus_unique	1 year	Set to record internal statistics for anonymous visitors.
uvc	1 year 1 month	addthis.com sets this cookie to determine the usage of addthis.com service.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_gat_gtag_UA_*	1 minute	Google Analytics sets this cookie to store a unique user ID.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
__gads	1 year 24 days	Google sets this cookie under the DoubleClick domain, tracks the number of times users see an advert, measures the campaign's success, and calculates its revenue. This cookie can only be read from the domain they are currently on and will not track any data while they are browsing other sites.

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies store information about how the user uses the website to present them with relevant ads according to the user profile.
loc	1 year 1 month	AddThis sets this geolocation cookie to help understand the location of users who share the information.
skimGUID	10 years	Set by Slimlinks, this cookie is a unique identifier provided to each device for log analysis to determine the number of unique users for various parts of skimresources.com.
test_cookie	15 minutes	doubleclick.net sets this cookie to determine if the user's browser supports cookies.
_ir	session	This is a Pinterest cookie that collects information on visitor behaviour on multiple websites. This information is used on the website, in order to optimize the relevance of advertisement.
__gpi	1 year 24 days	Google Ads Service uses this cookie to collect information about from multiple websites for retargeting ads.

Cookie	Duration	Description
wp_api	past	Description is currently not available.
wp_api_sec	past	Description is currently not available.
xtc	1 year 1 month	Description is currently not available.

Deepfakes drawn into the mainstream

AI will be a hacker’s best friend

The cybercrime side hustle

Customer data is the biggest show in town

Biometrics bypassed

Share this:

Like this: