You have probably seen many movies where hacking is portrayed like this...



Wait!

What does this even mean.Let me show you what hacking actually looks like.

From the point where you casually browsing the web,from the point where your social media accounts were Hacked.

Hacking happened.




Note: For any other language use Google Translation

The hacker was able to take over your digital life but how did he manage to do that?

He might have done one of these three things:

  • Breaches
  • Social Engineering
  • Man in the Middle
Let's read what they each means.

BREACHES

Believe me or not your password is probably already out there, publicly available on the internet without even your knowledge.

This might feel a bit unconvincing but it's true that there is a chance.

Even mine existed publicly on the internet without even me knowing it.

Until recently when I finally found out that my credentials are already stolen and available for literally anyone to see I had to then change my password on all my websites immediately.

But how did this happen? How is it that your credentials are already publicly available on the internet?

This is because of data breaches when hackers managed to hack a website and get access to the websites database where the user information like credentials are stored they leak all this data on the internet.

In most cases they sell this data on hacker forums and dark web or even post it on paste win.

Of course,It's the hacker's choice.


This data contains the usernames and passwords of all or a part of the users of that website.

So, if you are a user of the website that got breached and your data is leaked.

Most of the websites hash your passwords before they stored it in the database. So a hacker needs to first crack your password hash in order to find your real password in plain text.

But I'm not saying that it is impossible to crack a password hash.In fact most of the data breaches on the internet contain plain text passwords.
 

Many famous websites like Twitter, LinkedIn, 000webhost etc. already suffer major data breaches and all these breaches are publicly available on the internet literally for anyone to see.

Fun Gyan(Fact):
There is a bridge compilation available on the internet that contains literally 1.4 billion email passwords combinations.

Think about it... 1.4 billion if you want to check whether your credentials are included in any breach you can go to

haveIbeenpwned.com


and enter your email to search for any data that is associated with that particular email in any of the data breaches on the internet.

But let me also tell you even though your results are positive on this site, your data might still be in one the the breaches which is not popularly known but still exists.

This is the easiest way anyone can take over your social accounts or online banking accounts or whatever it is.

The best way to stay safe from data breaches is to use a different password for every website.

Use a password manager like dash name to generate random unique passwords for every website you use.




SOCIAL ENGINEERING

This is literally you giving a way to your username and password to a stranger on the internet.

Hackers can pretend to be someone else to try to extract your crucial information like your credentials directly from you.

For example, let's say you get link like this

Get FREE Instagram followers https://bit.ly/xyz

from someone and this link claims that you can get Instagram followers instantly for free of cost.

You click on the link and you are taken to a very convincing website that claims to offer you free followers for your Instagram ID.


If you put in your Instagram credentials on this website thinking that this is a legit website...well you're hacked.

This is called phishing.It is one of the several types of Social Engineering attacks and it is also the most common technique hackers use.

Now this is obviously not limited only to Instagram you may end up losing your other social media accounts,email accounts or even your online banking accounts through Social Engineering.

However the way a hacker approaches you to perform is social engineering can vary and sometimes even if you are not a computer illiterate you may still fall for it a hacker can also install a rat on device through Social Engineering.

A rat is nothing but a malware that gives the hacker remote access to your device.

By installing a rat the hacker will be able to do literally anything like stealing your credentials for different websites by using a key logger, stealing your photos and videos, finding your exact GPS location or even operating your device's camera or microphone without your knowledge.

For example: Look at this innocent SMS One can received

which claims that if I install this network carrier app and we get FREE Internet data.

I click on the link and download the apk.


It does look like the official app of the network provider well it is indeed the official app of the network provider but a rat is attached to this app by the hacker
As soon as I install this on my device the hacker has complete access to my device.


MAN IN THE MIDDLE ATTACK

Now this type of hacking is not very likely to occur but there is a chance that you can get hacked by man-in-the middle attacks.

In this attack a hacker can put himself as the man in the middle between you and the internet you are browsing.

Let's say you are browsing internet from a public Wi-Fi network.
Anyone who is using the same Wi-Fi network will be able to put themselves as the man in the middle and they can see your internet traffic or even modify it.

This means they will be able to see literally everything that you are sending and receiving from the internet using that public Wi-Fi but as I said it is very unlikely to happen because most websites nowadays use HTTPS connection which means the traffic between you and the website is encrypted and no man in the middle will be able to extract this Internet traffic but you can still at risk if you are using a website that doesn't use HTTPS over his TTP in such a case you may want to use a VPN (Virtual Private Network) to stay secure while browsing.

That's all for this post.

Thanks for reading this article.

Hope you learned
something new.