Ok ok,
Many people don’t get how malicious hackers do their work. In this article, I will explain how they do it.Hacking is not magic. If your computer gets hacked, it’s not the most amazing thing in the world. In fact, it takes almost no skill to “hack” into a computer. A simple point and click? Oh, right! And the keyboard. There are many tools on the internet that allow anyone to hack… No skill needed; the program does it all fo them. These programs are usually classified as “script-kiddie”, or “skidde”, software.
But how about the people that really know how to “hack”? How do they do it? Well all hacking is, in basic terms, is sending data to a remote computer, as well as receiving data. That’s it. Nothing exciting. Sorry to disappoint all you hacker-wannabes, but it’s not all ultra high-tech like in the movies. That is called making it seem interesting as to draw viewers into watching the movie. Now let’s get back to the statement I made before.
It’s not just sending any data to a computer; it’s sending data that will return valuable data back to the hacker. In other words, an exploit of some sort. That’s where the expertise comes in.If this is hard to understand, let me give you all an example. Let’s say someone wanted to hack into your computer. If they wanted to do this 100% remotely without using any trojan horse to create an exploit (aka. backdoor) for them (will get into that later), what would they need to do? Find a service to exploit, no doubt. That’s all they have to work with. So, they use it.
Let’s say a friend gets you to download a file. They say it’s a very neat game that they made and that they want you to test it out for them. So you download it… Only to find it won’t run? You forget about it, and a few days later your friend has your password. What exactly happened? Well let’s see. That file he get you to run? It was probably a trojan horse. In other words, a file that looks like something harmless, but really creates an exploit (or backdoor) for the hacker. That is where it gets it’s name “trojan horse”; it’s outcomes are unexpected. That is also where the term “backdoor” got it’s name; it allows a secret “door” (service that runs returning valuable information to the hacker if he or she connects) to be made on the system.
Many times, if a computer is very secure, it won’t have any exploitable services for the hacker to use. So what would a hacker do? Create an exploit him or her self. This usually requires a bit of social engineering, because he or she actually has to get the target to run the trojan horse. But once it’s there, it usually runs in the background and waits for the hacker to connect to the service. There really isn’t an exploit needed here. If anything, the exploit is that the trojan is allowing the hacker to connect and gain control over the infected computer.
Cheers.
ps: Just the Basics for now. And o ya, Happy Boxing Day Everybody!
Technorati tags: Archtomato, Hackers, Thoughts, Reviews