We live in a world where cyber security has become more important than physical security, thousands of websites and emails are hacked daily. Hence, It is important to know the Top hacking techniques used by hackers worldwide to exploit vulnerable targets all over the internet.
So here is my list Top 10 Hacking techniques often used by these hackers.
1. Brute Forcing
Probably the oldest technique out there, Brute forcing involves trying permutations and combinations of characters from a particular character set.
For instance, if a hacker must crack the password of a file. He will try all combinations for a given length and then move to the next length.
So a hacker will try all characters like A-Z, a-z, 0-9 and special characters for length 1. If the password doesn’t match the hacker will move to length 1 and again try all combinations. This technique is no longer viable for online attacks but is still effective for offline attacks.
Man in the Middle better known as MITM attack is a type of attack in which an intermediate device handles all requests that are made from it to a server.
In MITM attacks the hacker can :
- Replace your Downloaded file with any other file.
- Redirect you to other websites.
- View all your browsing and typing history.
- Connect to your phone if any ports are open.
MITM attacks usually take place in public places that offer Wi-Fi services like Coffee shops, Railway Stations, Restaurants, Libraries etc.
You may not want to use sensitive websites in public Wi-Fi zones as a measure of protection against MITM.
This is where it all began. The eldest and widely used method for hacking people. Keylogging is the process of creating a log(record) of all typed keystrokes on a system. All this data is then sent to the hacker’s server periodically.
Modern Keyloggers provide features like snapshotting the victim’s screen and even hide within other processes to not get detected.
4. Cookie Stealing
Cookies are used on almost every website around the internet. They are used to identify, remember and authenticate a particular user from the billions of other users on the website.
In Cookie stealing a hacker gains access to Cookies on your computer and imports them to his Browser.
So the next time he opens that particular site, the website will identify him as you and he has successfully stolen your identity. He will now do whatever illegal activities he wants and you will be blamed for the same.
Phishing is another widely used technique primarily to hack people’s internet accounts.
Phishing involves tricking the user into believing that a fake website(Created by the phisher) is the original one and making them enter their credentials.
For example. www.facebook.com may be phished as www.facebok.com, at the first glance the difference is unnoticeable. Since the website looks like a replica of the original website. Users are unable to differentiate and end up believing that the site is real.
This is usually done with help from MITM where a user is redirected from the original website to a fake website.
After the user enters their credentials they are then stored in the hacker’s server and the user is again redirected to the original site.
6. SQL Injection
SQL injection is the process by which a hacker may hack the database of a server by typing SQL queries in the input forms of websites.
These queries are specially created to access data that may not be accessible to the hacker otherwise. However, with the introduction of PDO and MySQLi connectors, SQL injection rates have significantly dropped.
But for people using old MySQL connector, SQL injection is a real threat.
7. DDOS Attack
Have you ever been to a restaurant where all the tables are occupied by people who are not ordering food, they are just sitting there to stop you from eating and causing trouble for the restaurant owner.
Here you are the normal user, the restaurant owner is the Web Server and the people occupying the tables are the Hackers.
In DDOS(Distributed Denial Of Service) attack, a web server is crowded with multiple requests to the same resource which makes the server go Down.
DDOS attacks are mostly used when a hacker or a group of hackers wish to take down a website.
8. Cross Site Scripting – XSS
Somewhat like SQL Injection, Cross Site Scripting inserts malicious client-side code in the input fields so when those fields are requested by some other user, They get exposed to those malicious scripts.
Things like security keys are used to prevent XSS attacks.
Trojans or Malware are programs that get installed on our system along with some other software that we install and these Trojans can send all our data outside.
Some of these Trojans and malware are created by antivirus companies themselves and are known to purposely hold system resources to slow down system performances.
10. DNS Poisoning
DNS Poisoning refers to introducing incorrect DNS address information into the DNS resolving server to make the user go to the same site located on the attacker’s computer.
The Difference Between this and phishing is that in phishing attacks the URL is redirected to the hacker’s website.But in DNS poisoning, the same URL is used but a different server is used. Which by all means belongs to the hacker.
These were the Top 10 attacks used by hackers from my list, Most of these attacks are done with the sole purpose of identity theft. Since there is no physical entity verifying your involvement in an online activity. It is very easy to pose as somebody else. Hacking attacks usually take advantage of carelessness and ignorance of the user, so a little care while using the internet can save you from being Hacked.
Feel Free to comment down the Hacking techniques that excite you the most.