According to Rob Rachwald, director of security with Imperva, after some initial research, the site appears to be a genuine leader board, allowing hackers to submit proof of their hacks in exchange for ranking points.
These points, he says, allow hackers to earn a place on the 'leaderboard of legends' and the bigger the site that is hacked, the bigger the points.
Hackers, he says in his latest security posting, can use their points to duel online with other hackers.
“So far more than 1000 sites [have been] hacked in this competition, including very high profile ones”, he says, adding that the top hack currently goes to a hacker who broke into the Huffington Post .
“Can we be sure that everything in this list is real? We can't”, he notes, but adds that there is a good chance that many of them are, since the site validates the hack.
Many of the sites, says the director of the data security specialist, are known to be vulnerable, such as sites that are on one of the hacker's (Srbleche's) lists on the site.
In order to be ranked on the site, Rachwald says that hackers need to prove that they actually hacked the portal. This is done, he adds, by inserting a pre-defined text string into the hacked page(s).
Rankmyhack then scans for that text in the page and gives the hacker a score based on how popular the website is, although he notes that low points are awarded for cross-site scripting (XSS) attacks, whilst bonus points are awarded to hacking racist or government (edu, mil and gov) portals.
There is also a duel mode, he says, in which hackers can compete with their peers on hacking as many sites as possible in a given time.