What is account hacking and why do they do it?
Account hacking is the illegal seizure of user data to log in to any Internet resource.
The goals of criminals can be very different:
- Theft of funds from web wallets. Nowadays there is a lot of money circulating on the World Wide Web. Online payments take up an increasing part of financial transactions every day. So, having received Internet account data, attackers simply steal funds from these accounts.
- Extortion . Often the purpose of hacking is blackmail. Personal data (photos, correspondence, video materials) of an intimate nature can become a reason for blackmail. This is especially true for famous people and their loved ones.
- Sending spam . This is the most popular reason for hacking. Having taken over your account, hackers send advertising messages or infected emails on your behalf.
- Personal motives . When passions run high, a person is ready to do anything to get the desired information. Therefore, jealous husbands and wives themselves or with outside help commit such a crime in the hope of learning about the adventures of their other half.
Sometimes accounts are hacked out of a simple prank; most often children do this to make fun of their classmates or to take revenge on the offender.
Hacking methods
Just like breaking into a home, an attacker can gain access to an account in various ways. Sometimes it is not one method, but a combination of several. It all depends on the skills and persistence of the criminal.
Phishing
A type of fraud when the user is directed to a fake website that exactly replicates the design of the real one. The unsuspecting victim enters his information on the attackers' website, thinking he is logging into his account.
4 Ways to Boot into Safe Mode in Windows 10
Typically, scammers convince the user to go to their site by sending an email “from support” asking them to confirm some action. It could also be a virus that redirects from a real service to a fraudulent site.
Password brute force
Password brute force or brute force is the most primitive way to hack someone else's account. This method can only be used when the number of incorrect data entry attempts is unlimited. The hacker's task here is to select (with the help of a program) all possible combinations of characters that make up the password.
Hacking a website and obtaining a password hash
Sometimes attackers manage to obtain a complete database of passwords for some Internet resource. They do this in 2 stages:
- hacking a website with a hash database;
- decryption of hashes.
A hash is a value obtained from a password using a specific algorithm. During authorization, the hash stored on the service is compared with the generated hash; if they match, access is granted to the user. The main task for attackers here is to choose an algorithm by which the hash is encrypted. In this area there is a constant rivalry between “sword and shield”.
Spyware
Such programs are usually integrated into the installation package of other programs or wait until the careless user downloads and installs them. These programs usually do not reveal their activities in any way. Their task is to quietly monitor user actions and intercept input data. There are also versions that are active, intercepting computer control.
Social engineering
It is not the hacker's talents that are involved here, but the psychological talents of the fraudster. People often choose the name of their pet, the make of their car, their date of birth, their mother’s maiden name, etc. as a password
Access to a laptop in a cafe
Many public places have open WiFi networks. And such networks have their vulnerabilities. Attackers intercept the user's cookies and use them to log into the account.
What is backup on a computer?
Access to a computer at home or in a service
Sometimes a criminal does not need special knowledge to gain access to user accounts. This is typically used in targeted hacking of a specific user by a jealous spouse. An unattended smartphone or laptop is all that is needed to gain unauthorized access if the device is not password protected. Typically, the browser saves passwords and autofills forms when logging into your account.
Part 1: How to Hack Someone else's Instagram Account Without Knowing the Password
Thanks to this spy program, you get access to all messages, chats and files of the Instagram user. We will talk about the principle of its operation a little later.
1.1 Cocospy app
With the Cocospy app you can easily hack other people's Instagram pages. A special feature of the program is a keylogger - a keylogger for Android devices.
The most important thing is that the program does not require root access to Android. This is the most modern and unique program that only this company has. Users from over 190 countries around the world are already using Cocospy.
Keylogger allows you to track all the keystrokes of the target phone of the user when he logs into his Instagram as well as other accounts. Find out more about Cocosy Android Keylogger features here >>
You will be able to constantly view blocked files on the Cocospy dashboard. And you can also always track changes in login and password. Set up the app in just a few minutes.
After setting up Cocospy, you will be able to:
- Track target phone logins
- View users' social networks
- Access personal data and passwords
To get more detailed information about the Cocospy application and find out how it works, follow the link (Free Online Demo Version).
1.2 How to Hack Someone else’s Instagram Account Without Knowing the Password Using Cocospy Keylogger
To run Cocospy keylogger, you need to create a Cocospy account. Follow the step by step instructions below:
Step 1: Register an account on the Cocospy app for free
On the Cocospy home page, complete the registration as shown below
To register, follow the steps in the image above and confirm your registration by clicking on the link sent to your inbox.
Step 2: Take an Android phone
- You need to take the target Android phone
- Log in to your email and download the Cocospy app
- Settings > Security > "allow unknown sources" > access to your phone
After installation, you will be able to hack Instagram accounts and view messages. To see how the tracking system works on an Android device, click here.
Finish installation
Step 3: Follow Instagram
Once the installation of the Cocospy app is completed, you will be able to monitor messages, files and chats on Instagram. You will also be able to:
- View locked files and access Instagram password
- Log into your Instagram account from your device
- Specify the account username and password
- View any details and do whatever you want.
1.2: Cocospy app for iOS devices
If the phone you need to track is an iPhone, then you will not be able to use the Cocospy Android keylogger. But you will be able to use the Cocospy solution for iOS without jailbreaking. Users do not need to jailbreak the target phone and do not need to install any software!
The principle of its operation is as follows:
- You provide the target user's iCloud account information.
- You receive a password.
If the above credentials are known, you need to:
Step 1: Access iCloud
In the Cocospy app, enter the target user's iCloud account username and password
Step 2: Start Tracking
After logging into the target user's iCloud account, you will be able to view the user's information on Instagram and other social networks in the Cocospy app. The target user's data will be updated for review every 24 hours.
For target iOS devices, you can also check this post on how to jailbreak iPhone.
Is it easy to hack your password, or how to secure your account?
The time required to crack a password using all of the above methods, except for trying all combinations, almost does not depend on its complexity. But this method is very common and it would be a good idea to protect yourself from it. To do this, it is advisable upper and lower case characters, numbers and special characters in the password Moreover, as the password length increases, the time required to crack it increases exponentially.
Alphabet | 6 characters | 8 characters | 10 characters | 12 characters |
26 characters (lowercase Latin) | 3-5 seconds | 1 hour 30 minutes | 67 days | 81 years old |
52 characters (Latin in both cases) | 21 minutes | 42 days | 318 years | 981 |
68 characters (Latin in both cases + numbers and punctuation) | 98 minutes | 412 days | 4672 years | 28,700 years |
80 characters (Latin in both cases + numbers + special characters) | 5 hours 20 minutes | 4 years 3 months | 28,000 years | 170,000,000 years |
2. Social engineering - selection of data, password based on available information about the owner
Here you will have to think carefully... (if you don’t want to think, go straight to point 3.)
Everyone knows that a password should be complex and unique, but according to statistics, 80% of people use the most primitive passwords, for example “12345”, “password”, their date of birth or their phone number.
The essence of the method is that in fact a person is not able to come up with a unique password. This set of symbols must necessarily be associated with something “your own”, with what is “on your mind”. At the same time, the person will sincerely believe that he came up with something unique)
It should be something that a person will always remember, so you need to have an idea about it.
What is the most common?
- Phone numbers (yours or a loved one’s),
- Date of birth (your own or a loved one’s),
- Last name, first name, nickname (your own or a loved one),
- Email address (login)
- The name of the site on which this password is))
In addition, the vast majority use the same password on many sites (so as not to forget)
Therefore, try to find out at least one of his passwords (even from the most insignificant account). As an option, ask to register on some forum an account from which a person would not be afraid of losing.
In general, after analyzing the user’s data (his loved ones, memorable dates, events), in half the cases the password for his VK account can be found! (Checked)) )
How to determine if your account has been hacked
After a successful attack, attackers do not always block the account and change passwords. In this case, there are several ways to find out about a hack.
- Many services have account login statistics
- Unread messages are marked as read.
- Changing profile data.
- Notices about blocking on social networks.
Authorization
To log into your Google profile, you must complete the following steps:
1. Open the login page.
If you are using the Google Chrome browser:
- on the new tab, at the top right, click the “group of squares” icon located next to the “Pictures” inscription;
- Select “My Account” from the tiled menu that appears.
In other browsers: you need to type in the address bar - myaccount.google.com. And then press “Enter”.
2. In the upper right corner of the page, click the “Login” button.
3. To log in, enter your login in the panel that appears (mailbox address in the @gmail.com format). Click "Next".
4. Enter your Google profile password. Click the “Login” button.
If you can't log into your account (data entry errors keep popping up), check out this article. It will help you solve this problem.
What to do if your account is hacked
Firstly, there is no need to panic and make rash decisions. Often, access to a resource can be restored.
- If you still have access to your account, you need to change your password .
- If your account is linked to your email, it would be a good idea to change the password there too.
- Scan your PC for viruses.
- If access to your account is closed, you should inform your contacts on this resource, as well as the support service .
Changing the password on a Wi-Fi router
He who has information is armed. Knowing the vulnerabilities in the security of passwords, you can save them and protect yourself from hacker attacks.