Every year around December, experts at NordVPN try to predict the cybersecurity risks awaiting us in the next year. This year, they decided to take a different route and look into the biggest dark web forum to find out what the most discussed topics were and base their predictions on their findings.
“Every year we try to predict sophisticated attacks from experienced hackers, who mostly target businesses or influential people,” says Marijus Briedis, a CTO at NordVPN. “Taking this year’s approach helped us realize that regular internet users, however, are often attacked by amateur hackers who are still developing their craft. They can also cause a lot of harm to their unsuspecting victims, and users need to be informed about their plans.”
Below, you will find the top five predictions made by cybersecurity experts at NordVPN based on what hackers talk about online.
Leaked nudes will be trending on the dark web
The most commented-upon threads on the forum included those about leaked nudes from OnlyFans, Instagram, and other content-sharing platforms. Threads about leaked nudes received almost 1,850 comments and were among the top 20 most-commented threads on the forum.
“This means that next year we will see even more attacks where pictures of naked people will be leaked. Another route criminals can take is using AI or deepfake technology to create fake nudes to trick their buyers,” says Marijus Briedis.
To avoid having pictures leaked online, Warmenhoven recommends abstaining from sending photos through social media and using encrypted cloud solutions when sharing photos.
AI will be there to help hackers
Hacked ChatGPT accounts and tutorials on using AI for attacks are very popular amongst hackers. This not only means that AI users are on the radar, but hackers are learning how to use AI to increase the capacity of their work and make their job easier, quicker, and more effective.
“The utilization of AI tools will facilitate the automation of a significant portion of phishing attacks, and it is anticipated that the frequency of such attacks will escalate in the future, posing significant cybersecurity threats,” says Briedis.
He also mentions that users who are unsure if they can identify phishing emails can use browser extensions created to serve that purpose.
The number of amateur hackers will be growing
Every tenth post on the forum was about learning how to execute some kind of attack. Among the most commented threads were: “How to dox,” “List of useful resources for pen-testers and hackers”, “How to hack WhatsApp of your friend by sending a single ink,” “How to instantly crack TikTok accounts easily,” “WiFi hacking course,” and others.
This means that hackers are sharing their knowledge and we can expect the number of amateur hackers to rise together with the number of attacks they execute. So users should be even more serious about their cybersecurity education and keep themselves updated about the latest attacks.
Customer data will be selling like hotcakes
Researchers found that around 55% of discussion threads were around leaked customer data, such as social media credentials, driver licenses, addresses, emails, and other bits of personal information. This means that hackers are still after vulnerable personal data and no user is safe from hacking.
Warmenhoven says that the simple thing users can do to protect their online data is to use MFA (multi-factor authentication) wherever possible.
Biometric authentication won’t be the answer
Many platforms that care about the security of their users now provide the ability to authenticate biometrically. However, the research showed that hackers have already learned how to bypass some of the biometric authentication methods, such as the selfie verification that some crypto platforms use. The thread explaining how to bypass selfie verification collected more than 200 comments.
“Biometric authentication will surely be a part of authentication in the future, but only if it is multi-factor,” says Marijus Briedis. “So we can not only predict that biometric authentication will show to be unreliable, but that more layered ways to protect online accounts will appear.”
One of the latest developments in the sphere has been passkey technology. A passkey is a pair of related keys: public and private. Public and private keys do not work without one another and therefore are useless to hackers. Moreover, the passkey on your gadget (private key) cannot be accessed without biometric identification (of the device’s owner) or a PIN, which adds extra protection.