Cybersecurity reporting tends to focus on stories about governments and law enforcement agencies moving to catch the threat actors responsible for major cyberattacks. We rarely stop to think about the cybercriminal underground’s own policing activity.
Contrary to what you might expect, successful cybercriminal platforms are not the “wild west”. They have their own rules and regulations that are strictly enforced. Every day, forum administrators move to protect their own interests by banning problematic threat actors from the platforms they run.
What is a cybercriminal forum ban?
If forum members aren’t playing by the rules, they can be temporarily or indefinitely banned. Often, a single transgression on a forum can be enough for a permanent ban, regardless of the individual’s contribution to the site. Banned users often have little scope to challenge these decisions. However, becoming a banned user can cause significant damage to a threat actor’s personal brand, resulting in reputational damages in the cybercriminal community and potentially cutting off their sources of income.
Just as we saw with several forums’ recent decision to ban profitable ransomware affiliate programs, what is best for the platform trumps self-serving, individual threat actor interests. Although forum administrators do weigh up the pros and cons of such controversial decisions, at the end of the day, forums want to protect their business, safeguard their brand, maintain administrators’ authority, and avoid unwanted attention.
In this article, we set out to examine six common reasons cybercriminals are banned from forums:
Support the originator by clicking the read the rest link below.
