A Sneak Peek Inside a Hacker’s Toolbox

Venustus

There are a whole lot more tools, but this gives you some idea;)

Do you have a favorite household gadget? Do you reach for your drill or take out your handy roll of duct tape whenever there’s a problem? Most of us have tools that we are partial to, our tried and true saviors that have gotten us out of a bind time and time again.

When it comes to cybercrime, hackers also tend to stick with certain tools, ones that are proven to be more effective and more forceful than the rest. Sure, sometimes hackers may go out on a limb and experiment with a new technique, but by and large, the threats we face all stem from the same tactics, with some tweaks to the code here and there. In 2015, there were some things that proved essential in so many hackers’ tool kits – Why bother with originality when the old tried and true tools work so well?

It’s these standbys that we have to be the most vigilant about, and there’s a lot we can learn from these tools about how we arm ourselves better for 2016 and beyond.


Attacks Using Flash
Adobe Flash was the standard in creating animated clips and videos in the early days of the web. Back in the good ol’ days, it was a fan favorite for developers and designers alike, as it was very functional and easy to use. But as technology progressed, Flash did not. This made it a prime target for hackers who saw Flash as an easy entry point. In 2010, Steve Jobs announced that all upcoming iOS devices would not be supporting Flash, but it took the rest of the industry over five years (and countless hacks) to catch up.

In 2015 alone, vulnerabilities in Flash were used in hacks of Forbes.com, Yahoo.com, and other mega websites. It was also used to target the computers of several foreign affairs ministers around the world in the Pawn Storm attacks. Flash is also a key method used in malvertising campaigns, where hackers lace ads that appear innocent with corrupted code, so as soon as they are viewed, the visitor gets walloped with malware.

Thankfully, Adobe pulled the plug on Flash in the beginning of December, but it sure did leave a path of destruction in its wake. Adobe’s stand-in, titled “Animate”, promises to be more secure and advanced. Let’s hope so!

Mobile Malware Attacks
Let’s face it – This year, two things became very clear regarding mobile malware:

  1. Mobile malware is a real threat to the safety of our data
  2. Even iPhones are vulnerable to hacks
These days, we do just about everything from our smartphones. We bank, shop, make lists, surf the web, text, and sometimes, we even talk to people. In 2015, there were over 2.6 billion smartphone subscriptions worldwide, and that number is expected to grow to 6.1 billion by 2020. That’s a pretty wide attack surface as far as cyber security is concerned. And considering all the information we have stored on those tiny devices, it’s pretty scary. In fact, in the first half of 2015, IBM researchers found that the rates of mobile devices infected with malware were equal to the rate of computers infected with malware. This indicates that malware creators are beginning to shift their attacks from computers to mobiles.

Android devices were the biggest target for mobile malware in 2015, hosting over 97% of all mobile attacks, and they manifested themselves in lots of interesting ways.

2015 brought us installer hijacking malware, which tricked users into installing malware, and malware-infected apps that posed as innocent apps. We saw mobile ransomware that locked users’ phones and sent fake FBI warnings demanding that users pay up in order to have their phones unlocked. Don’t forget about all the different variations of mobile banking Trojans. Then there were vulnerabilities found in WhatsApp and MMS platforms that hackers could have hypothetically used to access data, though those were both found by researchers and never deployed in real life.

The list goes on, but suffice it to say, if you have an Android, be careful what you download from app stores, and be just as careful with what you open.

On the other hand, don’t assume that Androids were the only victims. In 2015, it became clear that jailbreaking your iPhone, regardless of the reason, is a bad idea. In August, researchers at security firm Palo Alto Networks announced that they had discovered a hack of over 25,000 Apple IDs from jailbroken iPhones. Then in October, the same firm discovered yet another threat to iOS. Dubbed YiSpecter, this strain of mobile malware can download, install and launch apps of its choice, as well as hijack and replace other apps altogether, proving that iOS malware is no longer just an issue on jailbroken phones.

Attacks on Network-Ready Devices
Most people are familiar with the concept of IoT (Internet of Things) by now. And man, what could be cooler than asking your refrigerator to make your shopping list based on what’s missing and then posting it to your Gmail calendar? Or making sure you never overdo your scrambled eggs thanks to your network-connected frying pan?

IoT sure is fun and futuristic, but with all those devices connected to the internet, something’s bound to give. And most likely, it will be data that you didn’t want exposed. The rate of network-ready devices is growing at an unprecedented rate, and by 2020, there will be more than 40 billion internet-connected devices. And every network ready device is just another way for a hacker to steal your data, or worse.

Earlier in the year, here on the ZoneAlarm blog, we told readers about what can happen when people get too “IoT-happy” and start connecting every device possible, like doorbells, baby monitors, Jeeps and Barbie dolls. These nifty gadgets aren’t built with security in mind, and can present a real danger, as was so starkly illustrated in the recent VTech hack in which millions of children’s sensitive information was stolen, including photos and physical addresses. Scary.

Wifi Attacks (or Coffee Shop Attacks)
Sometimes, there is nothing more relaxing than popping into Starbucks or Dunkin’ Donuts (or for the Canucks out there, Tim Hortons) for a coffee date with your tablet. But in terms of security, public wifi can be a major hazard. To facilitate security, your typical café wifi network is anything but secured. Though this is very kind in theory, in practice it makes public wifi a favorite vector for hackers. The open nature of these networks allows hackers to steal nearby surfers’ cookies (the small-file kind, not the chocolate chip kind, but perhaps those too if the hacker gets close enough) and other stored data. Though some establishments may employ some level of encryption or authentication, currently most don’t, and as such most people don’t realize the risk they take every time they connect to public wifi.

Then there is the issue of rogue networks. To create a rogue network all a hacker needs to do is set up a hotspot in an open area with a believable name and just wait for users to connect to their network instead of the real one. It’s totally understandable that someone might connect to a network called “coffee shop” at their local cafe and that’s what hackers are banking on.

Thanks, Mr. Hacker!
There’s a lot we can learn from hackers about how to protect our digital identity. By studying their methods, we can perfect our security methods and habits. Here are some tips, straight from their toolbox, with which we can make sure we are prepared:

  • Hackers love to exploit older, less supported software like (the now defunct) Flash. By keeping all software running at its most current version, you can keep a large percentage of hacks at bay.
  • Our mobile devices require just as much vigilance as our computers do. Stay away from 3rd party app stores and questionable downloads. A strong mobile antivirus software like ZoneAlarm Capsule is a must.
  • Don’t go overboard with IoT. Think about the ramifications of connecting every device you own to the internet before doing so.
  • Stay away from public wifi as much as you can. Wait until you are at home or using a secure connection at work to do all banking or any other sensitive actions.
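The rogue-hotspot scenario above, as an added defender-side example (not part of the original post or the ZoneAlarm article): a check that scans a Wi-Fi listing for access points that advertise a known network's name without its expected security, or a look-alike name. The allow-list, the scan record shape and the two heuristics are assumptions made for this example, and the scan data is constructed.

```python
from collections import defaultdict

# Constructed allow-list: networks the user expects and the security they should use.
KNOWN_NETWORKS = {"CoffeeShop_Guest": "WPA2", "HomeNet": "WPA2"}

# Constructed scan records, shaped like a parsed `nmcli dev wifi` listing.
# "" in the security field means an open network.
SCAN = [
    {"ssid": "CoffeeShop_Guest", "bssid": "AA:BB:CC:00:00:01", "security": "WPA2", "signal": 62},
    {"ssid": "CoffeeShop_Guest", "bssid": "AA:BB:CC:00:00:02", "security": "WPA2", "signal": 55},
    {"ssid": "CoffeeShop_Guest", "bssid": "DE:AD:BE:EF:00:01", "security": "", "signal": 88},
    {"ssid": "coffee shop guest", "bssid": "DE:AD:BE:EF:00:02", "security": "", "signal": 90},
    {"ssid": "HomeNet", "bssid": "11:22:33:44:55:66", "security": "WPA2", "signal": 40},
]


def normalize(ssid):
    """Collapse case, spaces and punctuation so look-alike names compare equal."""
    return "".join(ch for ch in ssid.lower() if ch.isalnum())


def find_suspicious(scan, known):
    """Map BSSID -> list of reasons for APs that look like rogue copies of a network."""
    findings = defaultdict(list)
    by_ssid = defaultdict(list)
    for rec in scan:
        by_ssid[rec["ssid"]].append(rec)
    for ssid, recs in by_ssid.items():
        # Heuristic 1 (needs no allow-list): one SSID served both encrypted and open.
        # A legitimate multi-AP deployment keeps one security setting across its APs.
        secured = sorted({r["security"] for r in recs if r["security"]})
        if secured and any(not r["security"] for r in recs):
            for r in recs:
                if not r["security"]:
                    findings[r["bssid"]].append(f"{ssid!r} is open here but {secured} elsewhere")
        # Heuristic 2: compare against the allow-list, both exact and look-alike names.
        for k_ssid, k_sec in known.items():
            if ssid == k_ssid:
                for r in recs:
                    if r["security"] != k_sec:
                        got = r["security"] or "open"
                        findings[r["bssid"]].append(f"{ssid!r} expected {k_sec}, got {got}")
            elif normalize(ssid) == normalize(k_ssid):
                for r in recs:
                    findings[r["bssid"]].append(f"{ssid!r} looks like known network {k_ssid!r}")
    return dict(findings)


if __name__ == "__main__":
    for bssid, reasons in find_suspicious(SCAN, KNOWN_NETWORKS).items():
        print(bssid, "->", "; ".join(reasons))
```

Neither heuristic proves an AP is rogue (a venue may genuinely run an open guest network), so treat hits as a reason to avoid the network or ask staff, not as a verdict.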

DracusNarcrym

There are hackers who are mere opportunists, lurking and preying on potential vulnerabilities that pop up in their research for them to exploit.

Then there are the hackers who take it up a notch (or a dozen notches) and go beyond the level of script kiddies by utilizing or constantly experimenting with "new techniques" (as the article suggests). They take great care in finding techniques that allow for creating persistent threats that can outlast mere security patches, unlike attacks that come once an exploitable flaw is found and go away after a security update is pushed to the affected software or services.

Compare hacker attacks to diseases of the human body caused by microorganisms: the common flu variants encountered every year are considered to cause so-called "opportunistic infections", which means that those infections can be prevented with simple safety measures, and even without those measures, it is possible that one may not contract the disease at all.
However, a disease such as the bubonic plague has (well, had, pretty much) a much, much higher probability of infecting a potential host, unless extreme safety measures are taken (always referring to prevention, not treatment).
The first disease type refers to opportunist hackers, and the second would refer to "top-notch" hackers.

It is also worthwhile to note that the first type of hacker is more prevalent than the advanced hackers, just as the common flu is more prevalent than any form of plague.
 

Venustus

A very eloquent post!!
Thanks!!:)
 

jamescv7

There's a difference between those hackers who want to hack everything and a clever one.

Remember that the cybercriminals we usually see arrested in the media are hackers who indeed wanted to showcase their knowledge and prove they are the best; however, their identities were already at risk, which made it easy for authorities to track them.

Yes, there are numerous tools to hide them; however, some tend to ignore them because of the complexity of the operation.

Meanwhile, those intelligent and clever hackers tend to plan carefully and set a time frame to launch an attack, to make sure none of the leaks can be used as evidence.

Usually in movies, hacking scenes do not involve any proxy tools or any bypass to avoid tracking of the real identity; in such hot-pursuit operations they have only one mission, to launch the attack using those prepared tools.
 
