Hackers compete in security breach league
A new website aims to establish who the world’s most talented hacker is by allowing members to compete for ranking points by breaching internet security systems.
RankMyHack.com, which has more than 700 members, was created by “s0lar”, a hacker who claims to be a British computer science student.
The website aims to act as an independent means for hackers to verify their peers’ skills, on an underground scene where bravado is common.
“Up until now, when you met another hacker on an IRC or forum, there was no way to indicate if that hacker had any skills what so ever, RankMyHack.com was built to give a clear indication of a hackers general abilities,” s0lar wrote on the website.
“It also serves the purpose of tracking a hacker’s hacking achievements under their current alias allowing for other hackers to quickly establish the calibre of hacker they are talking to.”
Competitors win points on the leader board by breaching the security of websites. The bigger the website, the more points a hack is worth. Likewise more technically accomplished attacks attract more kudos.
The highest-scoring attack so far targeted Huffingtonpost.com, the American liberal political website. It was carried out by a hacker using the alias “Mudkip”, who currently leads the RankMyHack.com league, having breached the security of 16 websites since 28 July.
The site also offers bonus points for hacking websites that have a “bounty” on them. Such priority targets have included the British National Party and Ku Klux Klan.
S0lar, who did not respond to an email request for further comment, denied on the website that the bounties make RankMyHack.com similar to the Anonymous or LulzSec "hacktivist" groups, which have carried out a series of high-profile online attacks this year on government websites including the CIA and SOCA, as well as on private companies and repressive regimes.
“The bounty section of this site was created in an attempt to focus the abilities of talented hackers against political and government forces that need to be put back inline,” s0lar said.
“Bounties just provide a politically constructive target for hackers’ talents regardless of ability."
RankMyHack.com also allows hackers to go head to head in a “duel”, where they compete to breach the most websites in a given period.
The British government has launched its own competition for hackers who want to work on the other side of the security fence, as part of a £650m effort to improve national security online. The Cyber Security Challenge began last year and attracted thousands of entries. The first year's overall winner was a postal worker from Wakefield.