“Black hats” are hackers who break into or take over computer systems with ill intent, to steal information, gain control of the data or the hardware, gain notoriety, or, more recently, with ransomware. In the last case, the victim’s hardware or data are held hostage until a ransom is paid. “White hat” hackers are comparatively benevolent, doing their work to help specific victims or for the general good. White hats often alert companies or government agencies of system weaknesses or threats. Unlike “gray hats” who get paid for their work, such as the firm who cracked the San Bernadino terrorists’ iPhone 5C, white hats do not profit from their efforts.
So why would bad guys give up other bad guys to the good guys? It’s simple: to cut down the competition. The black hats also sometimes turn in criminal hackers whom they deem to be less capable, as a point of pride. Perlotto said that when the black hats turn in another malfeasant, he and his group are happy to take down the subject down by shutting down their domains and taking control of their servers. “The criminals are pointing each other to us saying ‘hey this arsehole’s over here, take him out’ and we do,” said Perlotto. He also remarked that the black hats often just take down would-be competitors on their own.
The Shadowserver white hat also said black hat groups at times attempt to implicate other groups or countries as they seek to conceal their own identities. He mentioned discovering a Pakistani-owned Russian hacking group and when he inspected it, “I looked over it and asked ‘why are these Russians using really good Farsi?'”
Some hackers use off-the-shelf utilities for their work and are looked down on by peers who code their own malware, which is harder to detect and track. The A-level hackers do their best to disparage and damage the B-level and C-level players. It underscores Proverbs 21:10-11 — “There is no honor among thieves.”
