cookie

Tuesday, October 18, 2011

First Wakeup Call

Opportunity makes a thief - Francis Bacon

Security - Does Such A Thing Really Exist?


Hacker:


Hackers are talented computer programmers. They enjoy solving challenging problems or exploring the capabilities of computers.


Black Hats - Computer criminals


White Hats - Computer security experts (Cracker or ethical hackers)


Crackers subscribe to a code of ethics and look down upon the illegal and immoral activity of hackers (defined above). When the press uses "hackers" to describe virus authors or computer criminals who commit theft or vandalism, it is not only incorrect but also insulting to true hackers (White hats).

Why? (I Think Therefore I Hack)

Today’s hackers are more advanced than ever before, often working together in close-knit communities and trading tips and tools with one another. These twisted individuals take their business seriously, with countless online forums where updates are posted daily to help each other get around the latest security mechanism and increase the number of victims.

Hacking for Sensitive Information
Credit Card Numbers, Bank Account, SSN

Hacking to Steal Bandwidth
The web hosting provider’s server is being used to help carry out illegal business.

Hacking to Distribute Illegal Content
When these activities are traced by the authorities, the trail only leads back to the website owner who could likely face legal implications, the loss of credibility or worse.

Curiosity*.. :) (In an interview on SafeMode.org, one hacker—who used the nickname xentric)


When asked by the website SafeMode.org why he defaces web servers, a cracker replied, "A high-profile deface gives me an adrenalin shot and then after a while I need another shot, that’s why I can’t stop."


How?

Virus

A virus is a program that propagates itself by infecting other programs on the same computer. Viruses can do serious damage, such as erasing your files or your whole disk, or they may just do silly/annoying things like pop up a window. True viruses cannot spread to a new computer without human assistance.


Worm

Like a virus, a worm is also a program that propagates itself. Unlike a virus, however, a worm can spread itself automatically over the network from one computer to the next.

Worms are completely autonomous. They actively scan the internet for new targets, immediately infect them and the new target starts scanning the internet for new targets. Worms can spread extremely quickly because there is no need for human interaction.

Nimda, Code Red and Blaster

Trojan horse:*

Trojan horse is a very general term, referring to programs that appear desirable, but actually contain something harmful. The harmful contents could be something simple: for example, you may download what looks like a free game, but when you run it, it erases every file in that directory. The Trojan’s contents could also be a virus or worm, which then spreads the damage.
It can open a backdoor. A backdoor is an access point created from inside a computer’s defenses that allows outsiders to circumvent security and gain access to the machine from the Internet.
"A Trojan Horse is an email virus usually released by an email attachment." Not so. A Trojan may be sent as an attachment in email, but it's certainly not an email virus.

Vulnerability scanner

A vulnerability scanner is a tool used to check computers on a network for known weaknesses.

Ex: Port scanners, Web Application Security Scanner (black-box test)

Firewalls defend computers from intruders by limiting access to ports/machines both inbound and outbound, but can still be circumvented.

Social engineering

Social engineering begins with some sort of definition like “the art and science of getting people to comply to your wishes”, “an outside hacker’s use of psychological tricks on legitimate users of a computer system, in order to obtain information he needs to gain access to the system”, or “getting needed information (for example, a password) from a person rather than breaking into a system”. In reality, social engineering can be any and all of these things.

Social engineering attacks take place on two levels: the physical and the psychological.


Dumpster Diving

Dumpster diving, also known as trashing, is another popular method of social engineering. A huge amount of information can be collected through company dumpsters.

On-Line Social Engineering

The primary weakness is that many users often repeat the use of one simple password on every account. One way in which hackers have been known to obtain this kind of password is through an on-line form: they can send out some sort of sweepstakes information and ask the user to put in a name (including e-mail address – that way, the hacker might even get that person’s corporate account password as well) and password. These forms can be sent by e-mail or through US Mail. US Mail provides a better appearance that the sweepstakes might be a legitimate enterprise.

Reverse Social Engineering

Reverse social engineering attacks may offer the hacker an even better chance of obtaining valuable data from the employees.

“Kevin Mitnick” - computer terrorist

Password cracking*

A common approach is to repeatedly try guesses for the password. The purpose of password cracking might be to help a user recover a forgotten password.

Set a password that is easy to remember and hard to guess.


Exploit*

Taking advantage of a known security weakness in a computer.

Code injection*


How Hackers Get Inside?

FireWall:


Think of an electronic barrier with lots of doors in it. These doors are called ports. When you use your web browser to access a website such as Google.com, you open a port (an electronic door) from inside the firewall and make contact with a server (a computer that sends information on request).

There are two basic types of firewalls:
a. Software Firewall
b. Hardware Firewall

Hackers use port-scanning software to look for holes in a firewall.


Breaches in Finance and Personal Details ( Few tips for you )

Figure out what type of breach has occurred.

Existing accounts

You will want to monitor your monthly account statements very carefully. Contact the creditor if your statement does not arrive on time. A missing bill could mean that an identity thief has changed your address.

Why the concern over debit and check cards

Thieves have become increasingly sophisticated in gaining access to sensitive financial information. Databases of major retailers and restaurants have been compromised by hackers. Merchant card reading devices have been surreptitiously replaced with card skimmers. Restaurant employees have secretly captured card information on hand-held card readers. If you have a debit or check card and your account information is compromised, funds can quickly be withdrawn from your bank account without your knowledge. Your account can be emptied, resulting in overdrafts, fees, and an inability to pay your bills.

On the other hand, if you use a credit card, you will have an opportunity to dispute a fraudulent transaction before you have to pay the bill, so you will still retain access to the funds in your bank account.


But my bank offers a debit or check card fraud guarantee, so I’m covered, right?

Not exactly.

Don’t I need a debit or check card to get cash from an ATM machine?

Not necessarily. You can ask your bank to replace your debit card with an ATM-only card.

With an ATM card, a PIN is always necessary to complete a transaction.

How to Fix a Hacker Attack

After a computer has been hacked it can never be trusted again. There is no way to know what might have been altered or changed. Any component could be Trojaned, or Time Bombed, or anything. The only thing to do if you want to ever be able to really trust your machine again is to wipe it and "start over".


Few tricks

Create Folders And Files With NO! Name

1. Select any file or folder.
2. Right click on it, press rename or simply press F2.
3. Press and hold the Alt key. While holding the Alt key, type the numbers 0160 on the numpad.
4. Press Enter and the nameless file or folder will be created.

Note: The file or folder that seems nameless is actually named with a single space.


Hide Your Files In A JPEG

1. Gather all the files that you wish to hide in a folder anywhere in your PC (make it in C:\hidden - RECOMMENDED).

2. Now, add those files in a RAR archive (e.g. secret.rar). This file should also be in the same directory (C:\hidden).

3. Now, look for a simple JPEG picture file (e.g. logo.jpg). Copy/Paste that file also in C:\hidden.

4. Now, open Command Prompt (Go to Run and type ‘cmd‘). Make your working directory C:\hidden.

5. Now type: “COPY /b logo.jpg + secret.rar output.jpg” (without quotes) - Now, logo.jpg is the picture you want to show, secret.rar is the file to be hidden, and output.jpg is the file which contains both. :D

6. Now, after you have done this, you will see a file output.jpg in C:\hidden. Open it (double-click) and it will show the picture you wanted to show. Now try opening the same file with WinRAR, it will show the hidden archive
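
A defender's check for the trick above, added here as an example and not part of the original post: it walks the JPEG marker segments to the real end-of-image marker and reports whatever follows it. The function names and the sample bytes are constructed for illustration; logo.jpg and output.jpg refer to the files in the steps above.

```python
# Added example (not from the original post): find data appended after a JPEG's EOI marker.
ARCHIVE_MAGIC = {b"Rar!\x1a\x07": "rar", b"PK\x03\x04": "zip", b"7z\xbc\xaf\x27\x1c": "7z"}
NOT_A_MARKER = {0x00} | set(range(0xD0, 0xD8))  # FF 00 byte stuffing and RST0-RST7

def jpeg_end_offset(data: bytes) -> int:
    """Walk the JPEG marker segments and return the offset just past EOI (FF D9)."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos + 2 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xD9:                      # EOI: the image ends here
            return pos + 2
        if marker == 0xFF:                      # fill byte before a marker
            pos += 1
            continue
        if pos + 4 > len(data):
            break
        # Segment length is big-endian and counts its own two bytes. Skipping by
        # length also skips EXIF thumbnails, which carry their own FF D9.
        pos += 2 + int.from_bytes(data[pos + 2:pos + 4], "big")
        if marker == 0xDA:                      # SOS: entropy-coded scan data follows
            while pos + 1 < len(data) and not (
                data[pos] == 0xFF and data[pos + 1] not in NOT_A_MARKER
            ):
                pos += 1
    raise ValueError("truncated JPEG: no EOI marker found")

def inspect_jpeg(data: bytes):
    """Return (number of bytes after EOI, archive type at that position or None)."""
    tail = data[jpeg_end_offset(data):]
    kind = next((n for magic, n in ARCHIVE_MAGIC.items() if tail.startswith(magic)), None)
    return len(tail), kind

# Constructed sample: marker structure only, not a decodable picture.
CLEAN_JPEG = (
    b"\xff\xd8"
    b"\xff\xe0\x00\x10JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"  # APP0, length 16
    b"\xff\xda\x00\x08\x01\x01\x00\x00\x3f\x00"                      # SOS header, length 8
    b"\x12\xff\x00\x34\xff\xd0\x56"                                  # scan data: stuffing, RST0
    b"\xff\xd9"                                                      # EOI
)
# Constructed stand-in for output.jpg: the picture followed by a RAR signature.
COMBINED = CLEAN_JPEG + b"Rar!\x1a\x07\x00" + b"\x00" * 8

if __name__ == "__main__":
    for name, blob in (("logo.jpg", CLEAN_JPEG), ("output.jpg", COMBINED)):
        print(name, inspect_jpeg(blob))
```

Any non-zero trailing byte count on an image deserves a second look, whether or not the bytes start with a known archive signature.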


Running Multiple Yahoo Messengers

1. Open the notepad
2. Copy the following code
REGEDIT4

[HKEY_CURRENT_USER\Software\yahoo\pager\Test]
"Plural"=dword:00000001

3. Save the above code as multi.reg
4. Either double click on this file or right click on it and select the merge option. (The aim is to merge these settings into the Windows registry.)

Saturday, August 20, 2011

Ad Serving Application


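Learning has no shore; the learner's days are few;
and, if one reflects calmly, ailments are many. So, with clear discernment,
study what is worthwhile, choosing it carefully,
like the swan that drinks the milk and leaves the water.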


Ad Serving Application

Enables website publishers to display ads alongside their online content and earn money. Revenue can be generated from these applications on either a per-click or a cost-per-action basis.

Google

In the first quarter of 2011, Google earned 2.34 billion through these ad serving applications. This is nearly 30% of their total revenue.

Adsense

Google Adsense advertising system involves three different kinds of people:

Advertisers: Advertisers use Google Adwords program to advertise their Ads not only on the Google Search results, but also on the content pages of the external websites and blogs that participate in Google Adsense Program. They do this on either PPC (Pay-Per-Click) or CPM (Pay-Per-Thousand Impressions) basis. Advertisers can optionally select which websites they want their Ads to show on.

Publishers or Web site owners: Website owners and blog owners participate in Google Adsense, through which they place the Ads served by Google on their content web pages. They do this by placing a code (HTML and JavaScript) provided by Google on their webpages or blogs. Website owners can choose from various formats, colors and a whole lot of customization options with which they can control and blend the Ads according to the look of their websites. The Google Adsense program also provides various performance monitoring options (such as channels) for website owners to track and maximise the performance of Ads on their web sites.

Visitors / Customers: When a visitor/customer visits a Google Adsense Participant’s website, they see relevant Ads alongside the content. If the visitor clicks on any of these Ads, Google shares an undisclosed percentage (60-70% approx) of the cost of that click with the website owner.


Search Engine Optimization (SEO)

Search engine optimization affects only organic search results, not paid or "sponsored" results such as Google AdWords.




SEO Basics
1. Create unique, accurate page titles

2. Make use of the "description" meta tag

3. Improve the structure of URLs (Use words in the URL)

Refer to the following document for more details


How to find the highest CPC keywords

Visit the Google Keyword Tool
http://adwords.google.com/keywordtool


Where to place Google Adsense for highest click through rate?
F-Shaped pattern of reading web content

The image above is a heat map generated from a study showing the eye movements of readers while scanning web content. The shape of the red areas, or the most viewed sections of content sort of produces an F shape, thus the name of the resultant study.

According to the eye tracking study, it is best to put the Adsense units at the very top of the main content, and vertically on the left hand side of the page.


Adsense Alternates


YPN
Yahoo Publisher Network was launched on August 2, 2005 by Yahoo. This service is currently in Beta and is now only accepting US-based publishers; it is believed that Yahoo! will expand this when the program comes out of Beta.

Infolinks

How to Cheat Google AdSense - get your AdSense account disabled
1. Basic clicker cheat
2. Proxy clicker cheat
3. Multiple computer clicker cheat
4. Software clicker cheat *
5. Paid-clickers cheat *
6. Click-rings cheat