How to hack Social Media accounts? | DROP Organization

Posted by on



In the digital era, our reliance on the use of social media networks are growing worldwide. This has raise a great concern for information security. Social media platforms are developed to bring people more closer and connect people over the world. They are meant to share content, engage in mutual interactions of common interest by eliminating the geographical boundaries. 

These makes social media networks a powerful place. But, inspite of its incredible gains, digital crime equivalence that threatens the physical socialization. Malicious attackers or hackers are exploiting the social media networks for notorious activities to harm others. Though, many detection tools are developed to control the crimes, still the hackers use various tactics and techniques to perform attacks. Hackers, on the other side, are developing new attacking tools and hacking strategies to gain unauthorized access to systems and networks. 

An increase in the number of cyber attacks on social media platforms demands for a more intelligent security measures to improve the effectiveness of these platforms. Online social networks are the connection and communication platform that promotes the social interaction in the virtual area. 

Various Social Media Networks

There are thousands of social media platforms used today for various purposes. The most popular of them are highlighted below:

  • Facebook- It is am online social media platform that provides several services like social networking of friends and fans, online advertising, voice calls, instant messaging, video calls, video sharing and viewing, online market place, virtual gifts among both young and the old, private and corporate entities. It was launched on February 4, 2004, by Mark Zuckerberg. 
  • WhatsApp- It is a cross-platform internet-based instant messaging application that allows smart phone users to exchange text, image, video and audio messages for free provided the device has access to internet. It was developed in 2009 by Brian Acton and Jan Koum. It has become the most popular messaging app with about 900 million active users as at September, 2015.
  • MySpace- It is a social networking website offering an interactive user-submitted network of friends, personal profiles, blogs, groups, photos, music and videos. It was the biggest social media platform till 2008, until it was taken over by Facebook. It was cofounded by Chris DeWolfe and Tom Anderson.
  • Twitter- It is a social network platform that enables the user to write and read short character messages called tweets. It revolves around the principle of followers who are equally users, who choose to follow another Twitter user and can thus view tweets sent by that user. The unregistered users, on the other hand, can only read tweets. It was founded in March, 2006 by Jack Dorsey.
  • Instagram- This platform allows the users to upload media that can be edited with filters and organized by hashtags and geographical tagging. The posts can be shared publicly or with pre-approved followers. Users can browse other users' content by tags and locations and view trending content. They can like photos and follow other users to add their content to a personal feed. 
  • YouTube- It is a video sharing platform that allows users to watch videos posted by other users and upload videos of their own. With the extensive use of smart phones, this platform have become the first choice in personal broadcasting and video sharing. It was cofounded by Chad Hurley, Steve Chen, and Jawed Karim in February 2005. It was bought by Google in November 2006, and now operated by Google.
  • LinkedIn- This platform is suitable for professional networking. It is useful for job seekers and professionals where they can invite other users and even non-users to connect. On this platform, users can get introduced to networks of contacts, new job and business opportunities, display products and services in their company profile pages, list job vacancies and search for potential candidates.
  • Reddit- This social media platform enables users to submit content and later vote for the content. The voting determines whether the content moves up or down, which is ultimately organized based on the areas of interest. 

How hackers hack these Social Media platforms?

Hackers attack these platforms in various ways. An understanding of the tactics or techniques performed by the hackers can help you to take defensive measures against these attacks. 

  1. Malware attacks: This attack involves a tactic to create a malicious software by the attackers with an intention of gaining control and utilizing the user's device  to perform some malicious activities. This includes launching DoS attack, keystrokes logging, theft of credential, credit card number or bank details, etc. This is performed by providing links or images to the user's inbox, so that user will open it. Once the user is infected, the hacker uses the compromised social media account to spread the worm by delivering a message to other users who are friends with the infected user. This contains a luring link to a third-party Web site, where they prompt to perform an action like "register to view the full image", "update you Adobe Flash player to have a better view", etc. Common malware categories are Crimeware, Spyware, Adware, Browser Hijackers, Downloader, Toolbars, and Dialers. The most effective method is by using Cross-Site Scripting (XSS) to protrude their malicious codes on social networking sites.
  2. Phishing attacks: Here, the attacker lure a user using "bate", that is most appealing to the user with the intention to trap the user. The user, when trapped, provide sensitive information on fake pages and thus the attackers gets access to the users' credentials.
  3. Social Networking Infrastructure attacks: Here, the attacker launches attack on the platform that provides the social service with the view to disconnecting users from accessing the services of the platform. The major attack used that directly affects the users is DDoS.
  4. Identity Thefts: Often, the user's credentials are stolen by the malicious attackers to securely gain access to user's social media platform. When the attackers do so, they launch their pre-conceived attacks by impersonating the authentic user.
  5. Cyber-bullying: Another way of threatening or intimidating a social media user by messages or by posting objectionable content on the social media network to harass the targeted user.
  6. Evil twin attacks: Here, the attacker uses the target's profile to create account to mimic the authentic user. This attack can also be called cyber-impersonation. Then, the new account is used to send friend requests to the contacts on the social media platform so that the attacker can enjoy the privileges of friends and gain access to users on the platform.
  7. Network Sniffing: This is the practice of intercepting and analyzing network packets to find out the kind of information shared within the network. If the connections are not properly encrypted, an attacker can gain access to sensitive information about sites visited and messages ad passwords that are sent and inputted in them, respectively.
These attacks can use any of the below mentioned attacking mode to carry out the threats:

  • Hackers often use Denial of Service (DoS) to prevent legitimate users from using a service.
  • User to Root (U2R) is used to gain the unauthorized access to local super-user privileges
  • Probe attack is used by the attacker to find information about target host through various ways such as scanning victims to get information about available services and operating system.
  • Hackers often use Remote to Local (R2L) to get unauthorized access from a remote system by guessing password to obtain a local account on the victim host.
  • Advanced Persistent Threat (APT) is a targeted attack against a high-value asset or physical system where attackers often leverage stolen credentials of users or zero-day exploits to prevent triggering alerts.
  • WireShark is a common tool used by the attackers to perform network sniffing.

How can you defend Social Media attacks?

As evidenced, hackers leaves no way left to get your credentials and access to the social media platforms, Hence, we need to know few defenses that you allow us not to fall into the trap of malicious attackers. Below are some ways:
  • Check the URL: Whenever you are visiting any link sent through messaging platforms or emails, do check the links. This is a very simple procedure and the most effective one against phishing links and sites.
  • Make use of strong passwords/ encryption: Always use a strong password in all your social media platform which is difficult to guess by the malicious attackers. Do not use similar passwords for different accounts. You can use passphrases instead of passwords which are easy to remember and hard to guess or bruteforce. A passphrase is quite lengthy and would be almost impossible to find in a wordlist or to be guessed.
  • Use Antivirus Software and Firewalls: An antivirus is a software solution which acts as a protection systems against both internal and external threats based on the vendor. A firewall on the other hand, protects systems only against external threats based on your preferences and settings. The use of both of these can protect you from information stealing malware.
  • Tracking Breaches: You can hire experts to track about any breaches made to you social media platforms. This depends on how much amount you are willing to pay for it. 
  • Virtual Private Network (VPNs): It is a secure network connection that connects you the internet privately and anonymously. This is done by encrypting the connection and routing it through remote servers. This is good option to prevent packet sniffers as packets analyzed are encrypted. This makes a bit difficult for an attacker to get passwords.

Want to start your learning journey on Cyber Security and Ethical Hacking field?






Comments

Post a Comment