If you’re a security researcher who wants to share your innovations and insights with the wider community (and gain some peer recognition into the bargain), you’ve got a few options: present at conferences; write papers, blogs etc.
The legitimate side of the house is awash with opportunities. But what if you’re a threat actor, whose research is usually more clandestine? In theory, there’s nothing stopping you from doing any of the above – but it could (and almost certainly will) draw unwanted attention and be counter-productive. Better to share it with other threat actors, perhaps – but how, and where? If there’s one thing criminal marketplaces do well, it’s fulfilling the needs and demands of criminals, and this area is no exception.
Read more…
Source: Sophos