Cybersecurity experts have revealed potential risks in 2024 for internet users by taking a deep dive into a Dark Web forum to learn more about trending topics among the world’s hackers.
“Every year we try to predict sophisticated attacks from experienced hackers, who mostly target businesses or influential people,” said Marijus Briedis, a cybersecurity expert at NordVPN. “This year’s approach helped us realize that regular internet users are often attacked by amateur hackers who are still developing their craft. They can also cause a lot of harm to their victims, so users need to be informed about their plans.”
Experts at NordVPN offer five predictions for 2024.
NordVPN: Cybersecurity predictions for 2024
The most commented threads on the forum included those about leaked images from content-sharing platforms. These threads received about 1,850 comments and were among the most discussed on the forum.
“Next year we will see even more attacks where pictures of naked people will be leaked,” said Briedis. “Another route criminals will take is to use AI or deepfake technology to create fake nudes from ordinary pictures in order to trick their buyers so any image-sharing site will be a target.”
To avoid having pictures leaked online, Briedis recommends not sending images through social media and using encrypted cloud solutions when sharing photos.
Hacked ChatGPT accounts and tutorials on using AI for attacks are very popular among hackers. This not only means that AI users are on their radar, but hackers are learning how to use the advanced technology to increase the capacity of their work and make their job easier, quicker and more effective.
“Using AI tools will help automate a significant portion of phishing attacks, making it highly likely these attacks will continue to increase, posing significant cybersecurity threats,” said Briedis.
Users who are unsure they can spot phishing emails should use s browser extension to sniff out scam emails created by machines.
The cybercrime side hustle
One in 10 posts on the forum were about learning how to execute some form of cyberattack.
Among the most commented threads were:
- “How to dox” (reveal and circulate information about someone online)
- “List of useful resources for pentesters (people who carry out simulated cyber attacks, usually on businesses) and hackers”
- “How to hack WhatsApp of your friend by sending a single link”
- “How to instantly crack TikTok accounts easily”
- “WiFi hacking course”
“This demonstrates that professional hackers are sharing their knowledge beyond their peers for a price,” saif Briedis. “As a result, we can expect the number of amateur hackers to rise along with a growth in attacks. Users will find themselves in the line of fire more often in 2024 so keeping their devices updated and protected will be a priority, as well as keeping themselves informed about the latest types of attack.”
Researchers found that more than half (55 percent) of Dark Web discussion threads were around leaked customer data, such as social media credentials, drivers’ licenses, addresses, emails and other bits of personal information.
“Hackers may be constantly upgrading their methods but when it comes to prizes, personal data is still their bread and butter,” said Briedis. “Everyone is at risk but taking some straightforward safety precautions like the use of MFA (multi-factor authentication) wherever possible, will make you a far less viable target.”
Many platforms now offer biometric authentication as an enhanced safety feature for their users.
However, the Dark Web research showed that hackers have already learnt how to evade some common biometric authentication methods, such as the “selfie verification” that some crypto platforms use. The thread explaining how to bypass this feature had more than 200 comments.
“Biometrics will surely be a part of authentication in the future, but only if it is part of a multi-factor approach,” said Briedis. “On its own biometric authentication will be easily bypassed in 2024, which will lead to the appearance of more layered forms of security to protect online accounts.”
One of the latest developments in the sphere has been passkey technology. A passkey is a pair of related keys: public and private. Public and private keys do not work without one another and therefore are useless to hackers. Moreover, the passkey on your gadget (private key) cannot be accessed without biometric identification (of the device’s owner) or a PIN, which adds extra protection.