Top 10 Ways How Hackers Can Hack Facebook Accounts In 2011



Facebook is one of the most widely used social networking sites, with more than 750 million users, which is why it has become the number 1 target of hackers. I have written a couple of posts related to Facebook hacking here at RHA. In my previous post, which I wrote in 2010, related to Facebook hacking and security, 4 ways on How to hack facebook password, I mentioned the top methods which were used by hackers to hack Facebook accounts. However, lots of things have changed in 2011: lots of methods have become outdated or have been patched by Facebook, and lots of new methods have been introduced. So in this post I will write about the top 10 methods hackers can use to hack Facebook accounts in 2010.


10 Ways How Hackers Can Hack Facebook Accounts In 2011

So here are the top 10 methods which have been the most popular in 2011:


1. Facebook Phishing 




Phishing is still the most popular attack vector used for hacking Facebook accounts. There are a variety of methods to carry out a phishing attack. In a simple phishing attack, a hacker creates a fake login page which looks exactly like the real Facebook page and then asks the victim to log in to that page. Once the victim logs in through the fake page, the victim's "Email Address" and "Password" are stored in a text file. The hacker then downloads the text file and gets his hands on the victim's credentials.

I have explained the step by step phishing process in my post below:

  • How To Hack Facebook Password

2. Keylogging 

Keylogging, according to me, is the easiest way to hack a Facebook password. Keylogging can sometimes be so dangerous that even a person with good knowledge of computers can fall for it. A keylogger is basically a small program which, once installed on the victim's computer, will record everything the victim types on his/her computer. The logs are then sent back to the attacker either by FTP or directly to the hacker's email address. I have dedicated half of my newest book, "An introduction to keyloggers, RATS And Malware", to this topic.

3. Stealers 



Almost 80% of people use passwords stored in their browser to access Facebook. This is quite convenient but can sometimes be extremely dangerous. Stealers are software specially designed to capture the saved passwords stored in the victim's browser. Stealers, once FUD, can be extremely powerful. If you want to know how stealers work and how you can set up your own, kindly refer to the book above.


4. Session Hijacking




Session hijacking can often be very dangerous if you are accessing Facebook over an http:// connection. In a session hijacking attack, a hacker steals the victim's browser cookie, which is used to authenticate the user on a website, and uses it to access the victim's account. Session hijacking is widely used on LANs. I have already written a three-part series on How session hijacking works? and also a separate post on Facebook session hijacking.

Further Information

  • Gmail Cookie Stealing And Session Hijacking Part 
  • Gmail Cookie Stealing And Session Hijacking Part 2
  • Gmail Cookie Stealing And Session Hijacking Part 
  • Facebook Session Hijacking Attack(Recommended)

5. Sidejacking With Firesheep


Sidejacking attacks became common in late 2010; however, they are still popular nowadays. Firesheep is widely used to carry out sidejacking attacks. Firesheep only works when the attacker and victim are on the same Wi-Fi network. A sidejacking attack is basically another name for HTTP session hijacking, but it is more targeted towards Wi-Fi users.

To know more about sidejacking attack and firesheep, read the post mentioned below:
  • Firesheep Makes Facebook Hacking Easy
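
The cookie theft described under session hijacking and sidejacking depends on the session cookie travelling over a plain http:// connection. The following added example (not code from the original post) audits a site's response headers for the settings that keep the cookie off unencrypted connections; the header lines and the cookie-name hints are constructed assumptions.

```python
# Constructed sample response headers (not captured traffic).
SAMPLE_HEADERS = [
    "Set-Cookie: session_id=8f2c1e; Path=/; HttpOnly",
    "Set-Cookie: auth=77aa90; Path=/; Secure; HttpOnly; SameSite=Lax",
    "Set-Cookie: locale=en_US; Path=/",
    "Strict-Transport-Security: max-age=31536000",
]

# Assumption: cookie names containing these substrings carry login state.
SESSION_HINTS = ("session", "sid", "auth", "token")

MISSING_SECURE = "missing Secure: cookie is also sent over plain http"
MISSING_HTTPONLY = "missing HttpOnly: cookie is readable by page scripts"
MISSING_HSTS = "no Strict-Transport-Security: browser may still use http"


def parse_set_cookie(value):
    """Split a Set-Cookie value into (cookie name, {attribute: value})."""
    parts = [p.strip() for p in value.split(";") if p.strip()]
    if not parts:
        return "", {}
    name = parts[0].partition("=")[0].strip()
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name, attrs


def audit_headers(header_lines):
    """Return (cookie name, finding) pairs for session cookies at risk."""
    findings = []
    has_hsts = False
    for line in header_lines:
        field, _, value = line.partition(":")
        field = field.strip().lower()
        if field == "strict-transport-security":
            has_hsts = True
        elif field == "set-cookie":
            name, attrs = parse_set_cookie(value)
            if not any(hint in name.lower() for hint in SESSION_HINTS):
                continue  # not a session cookie under our naming assumption
            if "secure" not in attrs:
                findings.append((name, MISSING_SECURE))
            if "httponly" not in attrs:
                findings.append((name, MISSING_HTTPONLY))
    if not has_hsts:
        findings.append(("*", MISSING_HSTS))
    return findings


if __name__ == "__main__":
    for cookie, finding in audit_headers(SAMPLE_HEADERS):
        print(f"{cookie}: {finding}")
```
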

6. Mobile Phone Hacking



Millions of Facebook users access Facebook through their mobile phones. If the hacker can gain access to the victim's mobile phone, then he can probably gain access to his/her Facebook account. There are lots of mobile spying programs used to monitor a cellphone.

The most popular mobile phone spying programs are:

1. Mobile Spy 
2. Spy Phone Gold

7. DNS Spoofing 


If both the victim and the attacker are on the same network, an attacker can use a DNS spoofing attack to replace the original facebook.com page with his own fake page and hence get access to the victim's Facebook account.




8. USB Hacking 

If an attacker has physical access to your computer, he could just insert a USB drive programmed to automatically extract the passwords saved in the browser. I have also posted about this attack, which you can read by accessing the link below:
  • Usb password stealer To Hack Facebook Passwords
9. Man In the Middle Attacks


If the victim and the attacker are on the same LAN and on a switch-based network, a hacker can place himself between the client and the server, or he could also act as a default gateway and hence capture all the traffic in between. ARP poisoning, which is the other name for man-in-the-middle attacks, is a very broad topic and is beyond the scope of this article. We have written a couple of articles on man-in-the-middle attacks which can be accessed from the links mentioned below:
  • Man In the Middle Attacks With SSL Strip
If you are really interested in learning how man-in-the-middle attacks work, you can view the presentation below by oxid.it.

10. Botnets 


Botnets are not commonly used for hacking Facebook accounts because of their high setup costs. They are used to carry out more advanced attacks. A botnet is basically a collection of compromised computers. The infection process is the same as for keylogging; however, a botnet gives the attacker additional options for carrying out attacks with the compromised computers. Some of the most popular botnets include Spyeye and Zeus.


Facebook Hacking Course




Facebook Hacking Course is a Facebook security course created by me, which tells you exactly how hackers can compromise your Facebook accounts and what you can do to protect your Facebook accounts from getting hacked.


Hope you have enjoyed reading the post as much as I did while writing it.

Note: Copying or reproducing this article is strictly prohibited and will lead to certain consequences. If you are reproducing or copying this article, make sure that you give proper credit.

Was Myspace Hacked On Friday? - Http/1.1 service unavailable




Earlier on Friday morning, MySpace shocked its users when the MySpace homepage showed a mysterious message. Lots of people thought that the Anonymous hacktivist group might be behind this attack. Whenever a visitor came across the MySpace homepage, the following message was displayed.

We messed up our code so bad that even puppies and kittens may be in danger. Please turn back …now.* Have your pet spayed or neutered.

Lots of people thought that MySpace was hacked and that the hackers had just replaced the MySpace website with this custom error page. However, MySpace has been using this error message since 2009; it appears when internal errors occur.

4 ways on How to hack facebook password


In my previous post, How to hack facebook password, I told you about hacking Facebook with phishing. Today I thought I would uncover all the methods used to hack a Facebook password.

I will cover 4 methods over here:

1. Facebook Phishing
2. Keylogging
3. Social engineering
4. Primary email address hack

Facebook phishing:

I have taken this method first because I think this is the most popular method/way of hacking Facebook. I studied various Facebook surveys taken on the web about hacking Facebook. The results of these surveys show "Phishing" as the most used method to hack Facebook and, to note, "Phishing is the favorite method of Facebook hackers". So, friends, beware of Facebook phishing. Facebook staff is working hard to avoid these Facebook phishers. Phishing not only allows you to hack Facebook but also almost any email account. You only have to get the trick used to make a phisher, which I think is very easy. I learnt it without any difficulty. But remember, this is only for educational purposes. I will not extend this topic over here, as I have added more on phishing in my article How to hack facebook password.

Keylogging:


This is my second favorite, as the only thing you have to do is remotely install a keylogger application (if you don't have any physical access to the victim's computer). Keylogging becomes easier if you have physical access to the victim's computer, as the only thing you have to do is install a keylogger and direct it to your destination so that it will send all recorded keystrokes to the pointed destination. What a keylogger does is record the keystrokes into a log file; you can then use these logs to get the required Facebook password and thus hack the Facebook password. I have posted detailed information on the top keyloggers in the trade; for more information, see my password hacking softwares section.

3. Social engineering:

This sounds pretty unworkable at the beginning. Even I was neglecting this way. But once, I thought of using it against my friend on Facebook, and I got his Facebook password very easily by this method. I think many of you might know what social engineering is. For newbies, social engineering is a method of retrieving a password or the answer to a security question simply by querying the victim. You have to be very careful while using this, as the victim must not be aware of your intention. Just ask him cautiously, using your logic.


4. Primary email address hack

Avast WebRep for chrome, protection against malicious URLs in search results





Avast has released a Google Chrome extension named WebRep. This extension is released as part of a new update to its antivirus software. It keeps users safe from malicious links shown in search results. The extension uses real-time data from the company's cloud intelligence gathering system to determine whether a URL is malicious or not.

This extension is really helpful for protection against websites which are risky and serve malware to users. Google Chrome is a widely used web browser, and it was necessary to launch this type of extension for Chrome. The avast! Antivirus update 6.0.1091, released on April 18, provides the new WebRep extension for Chrome.

Domain Name Hijacking



In this post, I will show you how domain names are hacked. Taking a domain name away from its original user is known as domain name hijacking. Let me explain what this is.

Suppose I bought a domain name. Now I need a web host for hosting my website.
Now, how does it work?


When we buy a domain name, we also get a control panel for full control over this domain name. From this control panel we point our domain to the web server where our files are actually hosted.
For example, I have a domain name abc.com and I bought hosting at a server webhost.com. For our website to work, we need to set up our domain to point to our web hosting server webhost.com.

Now, how is a domain hijacked?
To hijack a domain name, you need to get access to the domain name control panel and point the domain to your website server instead of its original server. In the above example, suppose a person Y wants to hack the domain name abc.com. He will try to get access to the control panel of the domain name abc.com. After doing this, he will change it to point to ywebhosting.com, where Y has hosted his website. Now we can see that the original website was on webhost.com, but now it has changed to ywebhosting.com. All visitors of abc.com will see a different website now.

How to get access to the domain control panel?
To hijack a domain name, it is necessary to get access to the domain name control panel. For this we need 2 pieces of information.
  1. Domain name registrar
  2. Administrative email associated with this domain
It is very easy to get this information about a domain name. Use the WHOIS service for this. Go to http://whois.domaintools.com/, enter the target URL and look it up. You will get the whois record of the domain name. Now see the record and find the administrative email address and the registrant service provider for this domain name. Now you have both pieces of information about this domain name.
The administrative email address of this domain name is the key to hijacking this domain name. Now hack this email account. For hacking an email account, go and read the email account hacking section of this website.
After gaining access to this email ID, search the mail for emails from the registrar. Surely there will be an email with the user name and password. If not, then go to the registrar's website, click on the forgot password link and reset the password to one of your choice. Now you can log in to the control panel of the domain name. Change the settings of this domain name.
The domain name is now hijacked.

How to protect your domain name?

To protect your domain name, protect your administrative email address. Protect your email account from being hacked.
Another good way is private domain name registration. In this type of registration, your private information, such as the administrative address, will be hidden from the public in whois records. So private registration provides extra security and protects your privacy. Private domain registration costs a bit extra but is really worth it for its advantages. Every domain registrar provides an option to go for private registration, so when you purchase a new domain, make sure that you select the private registration option.

Facebook password hacker tools and online services | truth behind these




One day a girl sent me a mail requesting a Facebook password hacking tool. I was surprised after reading this mail and replied to her that I do not have any software of this kind, nor do I think any such tool exists. Then she sent me some links which claim to have such tools and to hack Facebook passwords for dollars. She was curious to have that tool and she wanted to use their service. Most of the online services claim to hack a Facebook ID using only the profile ID number which is used in Facebook.
You can also find this kind of service just by searching in Google. Search "facebook password hacker" or "facebook password hacking tool".


Some of the services claim that they use old Facebook loopholes and that their service can retrieve passwords from the Facebook server within some seconds and blah blah blah..


lolz.. :D


Today I am going to describe some truth about those services and passwords. Do you think the number 2 company, just behind Google, would have these kinds of loopholes? Is it easy to intrude into its server to get passwords? Facebook has the world's best security people in its security teams. No intrusion of this kind is possible.


Please never believe in those services or tools. They are only claiming this to get some dollars from you, and you are going to waste your money for nothing.


Many of you still do not believe me. It's your choice. But please read their notes carefully and you will also get my points: their claims of accessing passwords from the Facebook server, or older loopholes and VB scripts. What would VB do in that?


If you want to hack a Facebook password, read my older post. Those are the only ways to hack a Facebook profile password. Do not run after and waste money on ready-made password hacking tools and services.

Tutorial on Password guessing attack




Passwords are used in every system for authentication of a user. A password is a set of symbols associated with a user. A password guessing attack is a type of attack in which an attacker tries to gain access to a system or network with a guessed password. Guessing a password is a very simple type of attack, but it is most effective if the attacker knows about the victim. The latest form of password guessing attack is carried out by automated tools which guess and try passwords again and again to get access to a system.
Without any tool, an attacker can try pieces of information about the user that are commonly chosen as passwords, such as mobile number, birthday, or name of gf/bf. So if you use this type of password, you can be hacked easily by a simple guess.


Password guessing attacks can be classified into two types.


Brute Force Attack: A brute force attack is a type of password guessing attack which consists of trying every possible code, combination, or password until the correct one is found. This type of attack may take a long time to complete. A complex password lengthens the time needed to identify the password by brute force.
Dictionary Attack: A dictionary attack is another type of password guessing attack which uses a dictionary of common words to identify the user’s password.


We also have hybrid attacks, which append, prepend, or insert numerical (0-9) and special (!@#$%*, etc.) characters to dictionary terms. Passwords guessed at this level might be something like "129good45guess" or "pa55w0rd."
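
A defender can test a candidate password against the same dictionary and hybrid patterns when the password is set, and reject it before an attacker's tool would find it. This added example is not from the original post; the wordlist and substitution table are small constructed samples.

```python
import re

# Constructed sample wordlist (assumption); a real check would load a large
# dictionary plus per-user facts such as name, birthday and phone number.
DICTIONARY = {"password", "good", "guess", "facebook", "monkey", "dragon"}

# Character substitutions that hybrid guessing reverses (assumed table).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})

# Leading or trailing run of anything that is not a lowercase letter.
AFFIXES = re.compile(r"^[^a-z]+|[^a-z]+$")


def hybrid_weakness(password, dictionary=DICTIONARY):
    """Return why a dictionary or hybrid attack would guess it, else None."""
    lowered = password.lower()
    if lowered in dictionary:
        return "plain dictionary word"

    # Digits/specials appended, prepended or inserted between dictionary words.
    segments = [s for s in re.split(r"[^a-z]+", lowered) if s]
    if segments and all(s in dictionary for s in segments):
        return "dictionary words with digits/specials added"

    # Substituted characters, with any numeric/special prefix or suffix removed.
    candidates = {
        AFFIXES.sub("", lowered).translate(LEET),
        AFFIXES.sub("", lowered.translate(LEET)),
    }
    if candidates & dictionary:
        return "dictionary word with character substitutions"
    return None


if __name__ == "__main__":
    for pw in ("129good45guess", "pa55w0rd", "Dragon2011!", "vR7#kq9Lw2"):
        print(f"{pw!r}: {hybrid_weakness(pw) or 'not matched by these patterns'}")
```

A `None` result only means the password does not match these specific patterns; it says nothing about resistance to brute force, which depends on length and character variety.
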


By www.Hyper-Boyz.co.cc

download Award keylogger


Award keylogger
Award Keylogger is a fast, invisible and easy-to-use surveillance tool that allows you to find out what other users do on your computer in your absence. It records every keystroke to a log file. The log file can be sent secretly by email or FTP to a specified receiver. Award Keylogger can also detect specified keywords and take a screenshot whenever one is typed, displaying findings in a tidy log viewer. It causes no suspicious slowdowns and takes very few system resources. All this happens in full stealth mode, so the person you are monitoring will never be aware of it.

Main Features:

New! Run keylogger as a Windows service
Easy-to-use, even for beginners 
Absolutely invisible/stealth mode
Logs accounts and passwords typed in every application (only Award Keylogger Pro can record passwords in IE7/8/9)
Logs messages typed in all instant messengers
Visual surveillance, support screenshots view 
Slide show for screenshots 
Captures the contents behind the asterisks 
Captures mouse clicks 
Logs websites visited (Award Keylogger Pro only)
Captures AOL/AIM/Yahoo/ICQ chats 
Keyword Detection and Notification 
Records contents of password protected web pages, including Web Mail messages 
Logs Windows Clipboard 
Sends log by e-mail 
Uploads ALL logs into the separate folders by FTP 
Invisible for the firewall program 
Invisible in the Windows startup list 
Monitors all users of the PC 
User friendly HTML file format for emailed logs 
Invisible in Windows NT/2000/XP Task Manager and Windows 9.x/Me Task List 
Records Windows 9.x/Me/2000/XP/VISTA logon passwords  
Intercepts DOS-box and Java-chat keystrokes 
Supports international keyboards 
External log viewer 
Supports printing of the log 
Optimized for Windows XP 
Exports log to HTML 
