Common Hacking Techniques
Hacking is the new cool (well according Hollywood, which has very largely biased the situation). Earlier on, I wrote an article on Hackers explained which tried to look at the different categories of hackers. We are all familiar with the ‘hacking is an activity that requires a lot of knowledge and practice’ cliche which if I might state, is very true. But how do these guys do it? What are the techniques?
Disclaimer: the aim of this article is to let you know of some of the most common hacking techniques so that you may protect yourself. Please don’t go disregarding other people’s right to privacy.
The list of techniques
Some of the following techniques are easy and can be pulled off by any douche with half a brain while others require a bit of finesse.
Customed tweaked Trojans are used to upload a victim’s credentials and data to the attacker. Trojans and viruses are mostly circulated via emails and once you open an infected email, the trojan auto downloads and starts to do whatever it does in the background. To stay safe, refrain from interacting with files of unknown origin.
Phishing is the art of trying to get sensitive info e.g usernames, passwords, and credit card details etc for malicious purposes. The hacker disguises himself as a reputable trustworthy entity. It is similar to fishing as the attacker uses some sort of bait to catch a victim. Billions of dollars have been lost to phishing.
Usually, users are contacted by email or instant messaging (IM) and asked to enter their info at a fake website. These fake websites are tailored to look exactly like the original ones. The websites on this links may also contain malware.
Phishing employs social engineering techniques.
Hacking computers takes up a lot of time and power. People on the other side, are super easy to hack and manipulate. This is where social engineering comes in. it is the psychological manipulation of people into performing actions or divulging confidential information. It is more advanced and efficient than your typical everyday con.A type of
The best prevention against this is to train your users/employees on how to be more aware and careful about divulging important info. A lot of hacking techniques employ social engineering tricks.
Reverse social engineering
Reverse social engineering entails a series of steps: sabotage, advertising, and assisting. The hacker sabotages a network, causing a problem. The same hacker then advertises that he can fix the problem. When he comes to fix it, he asks for certain information and gets what he really intended to get. They never know it was a
No one ever knows because, by the end of the day, everyone is happy.
In general, all reverse social engineering is social engineering but not all social engineering is reverse social engineering.
A rogue access point is a wireless AP that is installed on a secure network without authorization from a network admin. When an attacker installs an AP, they can run various types of vulnerability scanners and use the info to attack remotely. For example, they can attack from a reception area, adjacent building or even from miles away if they a high gain antenna.
An admin can install wireless intrusion prevention systems which monitors spectrum from unauthorised APs.
Keyloggers record keystrokes and sequences from a victim keyboard. They can be either hardware or software though the software version is more popular. If by any chance you enter your personal credentials using your keyboard while it is being monitored by a keylogger, bye bye privacy!
One of the techniques to protect against keyloggers is when banks ask you to use their virtual keyboards when you’re using online banking services.
A dictionary attack uses a file containing all possible password words that can be found in a dictionary. This technique is usually successful because it uses the words that most people are likely to have as their passwords.
Cleverly mashing your words together like ‘thatsuperclevergeek’ will not protect you, it will just take a few seconds longer but you’re still going to get hacked!
Brute force attack
This technique is super similar to the dictionary attack but with a few bonus points. You get to try all non-dictionary words by working through possible alpha-numeric combinations
This kind of attack takes longer but eventually, it gets the work done. Running a brute force attack takes up a lot of resources. You need a powerful GPU plus some mad specs to pull this one off.
Generally, there are a lot of ways and techniques in which you can get hacked. You will never be 100% safe and anyone who tells you that is lying. What you can do is minimise the chances. Use super strong passwords that are hard to guess, don’t be nosy clicking on weird shit that you don’t know and keep your stuff private.
Lastly, don’t share your private info with anyone.
Originally published at Decode.