The words you are searching are inside this book. To get more targeted content, please make full-text search by clicking here.
Discover the best professional documents and content resources in AnyFlip Document Base.
Search
Published by Enhelion, 2019-11-21 09:20:47

Module_6

Module_6

Module 6

Upgrading from Obsolete Hacking Techniques





COMMON HACKING TECHNIQUES

1. Bait and Switch
2. Cookie Theft
3. Denial of Service/Distributed Denial of Service (DoS/DDoS)
4. Eavesdropping
5. Keylogging
6. Malware
7. Phishing



1. Bait and Switch:

An attacker can buy advertising spaces on the websites using the bait and switch hacking
technique. Later, when a user clicks on the advertisement, they may be directed to a page
that’s infected with malware. This way, hackers can further install malware or adware on the
computer. The ads and download links shown in this technique are very attractive and users are
expected to end up clicking on the same.

The hacker can run a malicious program which the user believes to be authentic. After installing
the malicious program on your computer, the hacker gains unprivileged access to your
computer.

2. Cookie Theft

The cookies of a browser keep our personal data such as browsing history, username, and
passwords for different sites that we access. If the hacker gains the access to your cookie, they
can even authenticate themselves as you on a browser. A popular method to carry out this
attack is to encourage a user’s IP packets to pass through attacker’s machine.

Also known as Session Hijacking as SideJacking, this attack is easy to carry out if the user is not
using SSL (https) for the complete session. On the websites where you enter your password and
banking details, it’s of utmost importance for them to make their connections encrypted.



3. Denial of Service/Distributed Denial of Service (DoS/DDoS)

A Denial of Service attack is a hacking technique to take down a site or server by flooding that
site or server with so muc traffic that the server is unable to process all the requests and finally
crashes. Using this popular technique, the attacker floods the targeted machine with tons of
requests to overwhelm the resources which stops the actual requests from being fulfilled.

For DDoS attacks, hackers often deploy botnets or zombie computers which have got the only
work to flood your system with request packets. With each passing year, as the malware and
types of hackers keep getting advanced, the size of DDoS attacks keeps getting increasing.



4. Eavesdropping

Unlike other attacks which are active in nature, using a passive attack like eavesdropping a
hacker just monitors the computer systems and networks to gain some confidential
information.

The motive behind eavesdropping is not to harm the system but to get some information
without being identified. These types of hackers can target email, instant messaging services,
web browsing, phone calls, and other methods of communication. Those who indulge in such
activities are generally black hat hackers, government agencies, etc.

5. Keylogging

Keylogger is a simple software that records the key sequence and strokes of your keyboard into
a log file on your machine. These log files might even contain your passwords and personal
email IDs. It is known as keyboard capturing and it can be either software or hardware.
Software-based keyloggers target the programs installed on a computer while hardware
devices target keyboards, electromagnetic emissions, smartphone sensors, etc.

Keylogging is one of the primary reasons why online banking sites give you an option to use
their virtual keyboards. So, whenever you’re operating a computer in public setting, try to take
extra caution.



6. Malware/Virus/Trojans

Virus or trojans are malicious software programs which get installed into the victim’s system
and keeps sending the victim’s data to the hacker. They can also lock your files, serve fraud
advertisement, sniff your data, divert traffic, or spread on all the computers connected to your
network.



7. Phishing

Phishing is a hacking technique by which a hacker replicates the most-accessed sites and traps
the victim by sending that spoofed link. Combined with social engineering, it becomes one of
the most commonly used and deadliest attack vectors.

Once the victim tries to login or enter some data, the hacker gets that private information of
the target victim using the trojan running on the fake site. Phishing via iCloud and Gmail
account was the attack route taken by hackers who targeted the “Fappening” leak, which
involved numerous Hollywood female celebrities.

8. Brute Force

The hacker tries various combinations of the password to get into the application. The attacker
succeeds in breaking the weaker or poorly formed passwords, hence gets unauthorized access.
The user can make it difficult for attackers by using strong password having a combination of
alphabetical characters, numbers and special characters. The service providers must also take
important measures to limit the rate at which users can try to login to the system, resulting in
low combinations over a period of time.

9. IoT Attacks

Most of the IoT devices are vulnerable to cyber-attacks. In several cases, devices can be easily
comprised as users use the factory default passwords. Also, these devices transmit data
without a security scan which sometimes leads to the transfer of malware. The device owner
must set a secure password and share with authentic users where applicable in order to reduce
these types of attacks.



10. DNS Spoofing

This is also known as DNS Cache Poisoning. By targeting old cached data, a hacker is able to to
redirect traffic from the actual site to malicious site.

11. SQL Injection

It attacks the system using SQL based database by identifying the vulnerability to either alter or
corrupt or delete the data, access the confidential information including credit card number,
and so on.

12. Man-in-the-middle Attack

It's a type of eavesdropping attack in which hacker sits between the user and the server
accessing the communication messages to gain confidential information and, in some cases,,
also modify the messages.

References:

Top 10 Common Hacking Techniques You should Know about – Andrea Rosti

https://safewayconsultoria.com/top-10-common-hacking-techniques-you-should-know-about/

Common Hacking Techniques-
https://www.technolush.com/blog/common-hacking-techniques


Click to View FlipBook Version