Honour among thieves: This cybercrime site is aims to help hackers avoid falling victim to fraud
The site contains a database of rippers and is believed to currently hold over 1,000 profiles on cybercriminals identified as posing a threat to the community iStock

Cybercrime has quickly become all-pervasive. Ironically, unsuspecting victims are not only those with limited security knowledge and/or skills. Cybercriminals themselves are not immune to falling victim to scams perpetrated by their peers. A new website that has emerged reportedly aims at helping hackers avoid falling victim to fraud.

Researchers uncovered a cybercrime and fraud detecting site called "Ripper.cc", run by and for cybercriminals. The term ripper comes from common hacker lingo, referring to someone who has a history of defrauding people.

The website aims to name and shame cybercriminals attempting to scam their own peers, in efforts to address the issues surrounding how such scammers can affect hackers' and underground marketplaces' reputation.

Why is this significant?

According to security researchers at Digital Shadows, rippers can pose significant threats to the reputation of underground cybercriminals by "decreasing profits for both legitimate buyers and sellers". The researchers claim that the Ripper.cc site emerged to counter this threat and aims to diminish "the problem of fraud so that cyber criminal marketplaces can flourish".

The site appears to have first appeared in mid-2016 and was launched via a post on a popular underground hacking forum called Exploit.in. The site contains a database of rippers and is believed to currently hold over 1,000 profiles on cybercriminals identified as posing a threat to the community. The profiles contain cybercriminals' details such as contact information as well as the details of any scams (known as "black") that they have participated in.

According to a report by Motherboard, the site also contains the profile of the pseudonymous hacker Tessa88. The hacker made headlines last year for claiming responsibility for leaking hacked databases, including those of LinkedIn and MySpace but was later accused of being a scammer.

Ripper site

The researchers note that Ripper is not the first site of its kind. Its predecessor, a site called kidala.info, has been hosting databases of rippers since around 2005. Ripper's creators came up with a cleaner and more user-friendly site for discrediting cybercriminals. The site also offers users Chrome and Firefox extensions and a jabber plugin that "highlight rippers present in the Ripper[.]cc database in the user's browser and jabber chats, allowing customers to recognise rippers with ease".

The researchers believe that Ripper's creation is not unlike a technology start-up. The site is mostly in English but its creators reportedly look set to become a "universal service" for identifying rippers. The site is also attempting to maintain a level of transparency by putting up their plugins' source code on Github. The site creators also reportedly claim that they will not allow rippers to buy their way out of the list.

The Digital Shadows researchers said: "Ripper[.]cc is another example of the industrialisation of hacking and the growing professionalism of cybercrime. If such a service becomes successful, it enables cyber criminals to significantly reduce the risks associated with rippers and the overall cybercrime economy can become more profitable allowing for further growth."

"They're definitely trying to do something different [...] They're trying to be as legit as you can be in this particular market," Rick Holland, Digital Shadows VP of strategy, told Motherboard. "However, because of what this is, it's always suspect."