yoda at rotary_pune_club


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

yoda at rotary_pune_club

  1. 1. How Hackers Get Into Your System By Antriksh Shah null The Open Security Community
  2. 2. Introduction to HackersRefers to a person who enjoys learning the detailsof computer systems and to stretch his/hercapabilitiesRefers to a person who uses his hacking skills for offensive purposes HackingDescribes the rapid development of new programs or the reverseengineering of the already existing software to make the code better andmore efficient
  3. 3. Types of Hackers
  4. 4. Steganography Greek Words:  STEGANOS – “Covered”  GRAPHIE – “Writing” Steganography is the art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the message. This can be achieve by concealing the existence of information within seemingly harmless carriers or cover Carrier: text, image, video, audio, etc
  5. 5. Ancient Steganography Demeratus in 440 BC sent a warning about a forthcoming attack to Greece by writing it on a wooden panel and covering it in wax. Histiaeus, who shaved the head of his most trusted slave and tattooed a message on it. After his hair had grown the message was hidden. The purpose was to instigate a revolt against the Persians.
  6. 6. Use of Steganography by Terrorist Al Qaedas use of steganography is somewhat simpler: In 2008 a British man,Rangzieb Ahmed, was alleged to have a contact book with Al- Qaeda telephone numbers, written in invisible ink. He was convicted of terrorism. In 2010, the Federal Bureau of Investigation revealed that the Russian foreign intelligence service uses customized steganography software for embedding encrypted text messages inside image files for certain communications with "illegal agents" (agents under non-diplomatic cover) stationed abroad. Using steganography to embed a message in a pornographic image and posting it to a Usenet newsgroup is the cyberspace equivalent of a dead drop. To everyone else, its just a picture. But to the receiver, theres a message in there waiting to be extracted.
  7. 7. http://www.8newsnow.com/story/498274/steganography-hidden-writing-how-terrorists-communicate-online
  8. 8. Steganography Demo
  9. 9. Malwares Spying your System’s
  10. 10. MalwareA malware is a small program that runs hidden on an infected computerWith the help of a malware, an attacker gets access to storedpasswords in the compromised computer and would be able toread personal documents, delete files and display pictures, and/orshow messages on the screen
  11. 11. Different Types of Malware Remote Access Data-Sending Malware Destructive Malware Denial-of-Service (DoS) Attack Malware FTP Trojans Security Software Disablers
  12. 12. What Do Malware Creators Look For Credit card information Account data (email addresses, passwords, user names, and so on) Confidential documents Financial data (bank account numbers, social security numbers, insurance information, and so on) Calendar information concerning the victim’s whereabouts Using the victim’s computer for illegal purposes, such as to hack, scan, flood, or infiltrate other machines on the network or Internet
  13. 13. Different Ways a Malware Can Get into a System Internet Pirated Software’s Free ScreenSavers E-Greeting Cards Untrusted Web Site Links USB Drive/ Images etc…
  14. 14. How does an attacker get a Trojan installed on the victims computer? Using wrappers A wrapper attaches a given EXE application (such as games or office applications) to the Trojan executable The two programs are wrapped together into a single file. When the user runs the wrapped EXE, it first installs the Trojan in the background and then runs the wrapped application in the foreground The user only sees the latter application
  15. 15. Process
  16. 16. Zeus Zeus is a malware that steals banking information by keystroke logging and Form Grabbing Zeus is spread mainly through drive-by downloads and phishing schemes In June 2009, security company Prevx discovered that Zeus had compromised accounts of such companies as the Bank of America, NASA, Monster, ABC, Oracle,Play.com Cisco, Amazon, and BusinessWeek. 2009 over 1.5 million phishing messages were sent on Facebook with the purpose of spreading the Zeus trojan. From November 14–15, 2009 Zeus spread via e-mails purporting to be from Verizon Wireless. A total of nine million of these phishing e-mails were sent. The five countries with the most significant instances of infected machines are Egypt, the United States, Mexico, Saudi Arabia, and
  17. 17. http://www.fbi.gov/newyork/press-releases/2011/nikolay-garifulin-pleads-guilty-in-manhattan-federal-court-to-involvement-in-global-bank-fraud-scheme-that-used-zeus-trojan-to-steal-millions-of-dollars-from-u.s.-bank-accounts
  18. 18. Trojan Demo
  19. 19. Key-Logger
  20. 20. Key-loggers stealing away your Private Passwords A program or hardware device that captures every key depression on the computer Used to monitor employee performance Used to seal private information Besides being used for legitimate purposes, keyloggers can be hardware installed to a computer or software that is used to collect sensitive information.
  21. 21. Hackers Motive of Key- Logger The types of sensitive information include:  Usernames & Passwords  Credit Card Numbers  Person Information such as Name, Address, etc.These small devices connect directly on the end of a keyboard to the porton the computer and look rather unassuming.
  22. 22. Preventive MeasureUse Anti-Virus ProgramsKeep your system patchedRead Email with Attachments CarefullyUse Firewall ProgramsBackup Important Files/Folders on separate storagemedia
  23. 23. Preventive MeasureUse strong PasswordsDownload and Install Software with CareAvoid Social Engineering AttacksAvoid Public ComputersLearn & Arm your self against Cyber Attacks
  24. 24. Thank You