Holy Shit, My Favorite Site Got Hacked! part 2

Welcome to part 2 of my series on hacking. This entry is about identifying how a hacker can get his grubby hands on your personal information, with tips to protect yourself when that is possible.

There are two ways a hacker can gather information. One relies on hacking websites and servers that users don’t have access to but use when browsing the web. The other is accomplished by accessing the user’s inputs. It is much easier to protect yourself if you have control over some aspect of this equation.

First, there is one important thing to know: that little password/username combo is, most of the time, all the protection you have. It is imperative to keep both pieces of information away from suspicious people and never, never share your password. Unfortunately, lots of websites display your username everywhere, even more so when they use your email address as the login name.

TIP#1: Always use a trash email address to register on websites that seem “cheap” or that display your login/email for all to see.

TIP#2: Speaking of email addresses, lots of email services now include an “email to send password recovery requests to” feature. Use it, but make sure that the email you set is well protected (office email, school email, etc.). You will need to change it if you ever lose that address, but these have better protection against “password change” than Gmail or MSN Live do.

Let’s start with “the website got hacked”. Most of the time when you read that a website was hacked, what it really means is that the database information was copied by an unauthorized person. By itself, the actual website doesn’t keep any information, but the database that supports the website does. SQL injection is a typical type of attack used to get access to a database illegally. The database vulnerability mixed with the website coding exploits (using flaws or quirks in a particular programming platform to access or manipulate a site) makes this a common occurrence. Less frequent, but still possible, is that the hackers cracked the server’s “root” password using the “brute force” method. Usually when this happens, they deface the website and corrupt the information present.

In both cases, the hackers follow the news about this or that system’s security weaknesses, pick a website using that system and strike. As a user you don’t have much power against this. The website administrators should keep their software up to date.

Now, when is a user “responsible” for what is happening? Well, technically users are only responsible for not having taken precautions: anti-virus, anti-malware, etc. Hackers have many ways of infiltrating people’s computers without them knowing about it, but in most cases they succeed because the user wasn’t watching what he/she was doing.

Viruses, like Trojans and worms, and malware/spyware are widely used to steal information from personal computers. You can get infected just by browsing the web and looking at pages, because browsers aren’t always the most secure thing in the world. Another tool used is a little application called a keylogger. With this application somebody can know exactly where, when and what you typed, making stealing passwords and usernames an easy endeavour.

TIP#3: Always keeping your anti-virus, anti-spyware and browser up to date is a good step to diminish the risk of infection.

TIP#4: Know what is running on your computer. In Windows you can see what processes are running. Knowing what the different processes do can help identify keyloggers and other malware when the anti-spyware fails to do so. Usually a quick internet search of a process name you don’t recognize will tell you what it is and help you identify whether it’s something you installed yourself.

TIP#5: Avoid suspicious websites.

TIP#6: Change your hosts file. The hosts file is used by the browsers on your computer to accelerate finding the IP address of a website. Some nice people created a list of harmful IPs that you might encounter while browsing and put them in a hosts file that makes these websites point toward the computer itself. This means that the browser won’t be able to load these pages. Adware, malware and other suspicious websites are included. As a note, I once had malware that changed my hosts file. It should be set to read-only all the time (unless you are editing it).
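
To go with TIP#6, here is an added example (not from the original post) that audits a hosts file: each line maps an IP address to one or more names, and blocklist entries should only ever point at the computer itself, so any name sent to another address deserves a look. The sample file and its .example names are constructed, and the function names are my own.

```python
import ipaddress
import os
import stat

# Constructed sample: a blocklist-style hosts file with three suspicious lines.
SAMPLE_HOSTS = """\
# constructed sample, not a real blocklist
127.0.0.1    localhost
::1          localhost
0.0.0.0      ads.example.net
127.0.0.1    tracker.example.org   # blocklist entry: points at this computer
203.0.113.7  www.mybank.example    # sends a name to another machine
198.51.100.9 update.antivirus.example login.mail.example
not-an-ip    broken.example
"""

def parse_hosts(text):
    """Yield (line_no, address, [hostnames]) for every mapping line."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) >= 2:
            yield line_no, fields[0], fields[1:]

def audit_hosts(text):
    """Return entries that do NOT point back at this computer."""
    findings = []
    for line_no, address, names in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, "malformed", address, names))
            continue
        # Blocklist entries use loopback (127.x, ::1) or 0.0.0.0 / ::
        if not (ip.is_loopback or ip.is_unspecified):
            findings.append((line_no, "non-local", address, names))
    return findings

def is_read_only(path):
    """True when no write permission bit is set (the read-only flag on Windows)."""
    mode = os.stat(path).st_mode
    return not mode & (stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH)

if __name__ == "__main__":
    # Standard locations: %SystemRoot%\System32\drivers\etc\hosts or /etc/hosts
    root = os.environ.get("SystemRoot", r"C:\Windows")
    path = os.path.join(root, "System32", "drivers", "etc", "hosts") if os.name == "nt" else "/etc/hosts"
    with open(path, encoding="utf-8", errors="replace") as fh:
        for finding in audit_hosts(fh.read()):
            print("review:", finding)
    print("read-only:", is_read_only(path))
```

A "non-local" finding is not automatically malicious (some people add entries for machines on their home network), but any line you did not put there yourself is worth checking.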

This concludes part 2. In part 3, I will talk about little applications that can make your life easier when it comes to protecting personal information.
