A black hat (black hat hacker or blackhat) is a computer hacker who violates laws or ethical standards for nefarious purposes, such as cybercrime, cyberwarfare, or malice. These acts can range from piracy to identity theft. A black hat is often referred to as a "cracker".

The term originates from 1950s westerns, with "bad guys" (criminals) typically depicted as having worn black hats and "good guys" (heroes) wearing white ones. In the same way, black hat hacking is contrasted with the more ethical white hat approach to hacking. Additionally, there exists a third category, called grey hat hacking, characterized by individuals who hack, usually with good intentions but by illegal means.

Criminals who intentionally enter computer networks with malicious intent are known as "black hat hackers". They may distribute malware that steals data (particularly login credentials), financial information, or personal information (such as passwords or credit card numbers). This information is often sold on the dark web. Malware can also be used to hold computers hostage or destroy files. Some hackers may also modify or destroy data in addition to stealing it. While hacking has become an important tool for governments to gather intelligence, black hats tend to work alone or with organized crime groups for financial gain.

Black hat hackers may be novices or experienced criminals. They are usually competent infiltrators of computer networks and can circumvent security protocols. They may create malware, a form of software that enables illegitimate access to computer networks, enables the monitoring of victims' online activities, and may lock infected devices. Black hat hackers can be involved in cyber espionage or protests in addition to pursuing personal or financial gain. For some hackers, cybercrime may be an addictive experience.

One of the earliest and most notorious black hat hacks was the 1979 hacking of The Ark by Kevin Mitnick. The Ark computer system was used by Digital Equipment Corporation (DEC) to develop the RSTS/E operating system software.

The WannaCry ransomware attack in May 2017 is another example of black hat hacking. Around 400,000 computers in 150 countries were infected within two weeks. The creation of decryption tools by security experts within days limited the extortion payments to approximately $120,000, or slightly more than 1% of the potential payout.

The notable data breaches typically published by major news services are the work of black hat hackers. In a data breach, hackers can steal the financial, personal, or digital information of customers, patients, and constituents. The hackers can then use this information to smear a business or government agency, sell it on the dark web, or extort money from businesses, government agencies, or individuals. The United States experienced a record number of 1,862 data breaches in 2021, according to the Identity Theft Resource Center's 2021 Data Breach Report. There has been a noticeable increase in the number of data leaks. Take the United States as an example: in 2017, there were a record 1,506 incidents; in 2021, there was a new high of 1,862 incidents; and in 2023, there was a record 3,205 incidents. At the same time, there has been no significant decline between the peak values.

From 2013 to 2014, black hat hackers broke into Yahoo and stole 3 billion customer records, making it possibly the largest data breach ever. In addition, the adult website Adult FriendFinder was hacked in October 2016, and over 412 million customer records were taken. A data breach that occurred between May and July 2017 exposed more than 145 million customer records, making the national credit bureau Equifax another victim of black hat hacking.