Ethical Hacking - Terminologies
A list of very important terms, and their meanings, used in the field of hacking.
Phishing
Phishing is one of the most common hacking terms used by security people. Phishing is a technique which tricks users into revealing sensitive information (like usernames, passwords or credit card details) to seemingly benign sources. A phisher disguises himself as a trustworthy entity and contacts potential victims, asking them to reveal information, which could then be used with malicious intent. For example, a phisher may pose as a bank and ask for victims' bank account credentials via e-mail, or he could trick you into clicking on a fraudulent link. Phishing is a type of social engineering.
Example: a fake Amazon mail which attempts to persuade the lucky recipient that they have the chance to win £10 in return for completing a quick survey, in order to steal login and payment information.
Malware
You hear daily about websites getting infected by malware attacks, so let’s learn more about this hacking term. Malware is a software program designed by hackers to hijack computer systems or steal sensitive information from a device. It goes by various names, like viruses, adware, spyware, keyloggers etc. A malware program can get transferred to a system via various means like USB, hard drive, or spam. For instance, a recent malware functioned by redirecting both Opencart and Magento desktop and mobile websites to malicious links. This essentially leads to a loss of customers and reputation and, most importantly, a bad impact on search engine rankings.
Example: a file called unzip.php allowed uploading of malicious files to the server.
Ransomware
One of the most searched hacking terms of 2017. Ransomware is a form of malware which locks a user out of his/her own system and cuts off access to his/her files. A ransom message is displayed that instructs how much and where to send payment, usually requested in bitcoin, in order to get your files back. Such attacks affect not only individuals but also banks, hospitals, and online businesses. A very recent example of such ransomware is the Petya ransomware attack, which recently took businesses worldwide by storm.
Image: a message demanding money is seen on a monitor of a payment terminal at a branch of Ukraine’s state-owned bank Oschadbank after being hit by the Petya ransomware. Image source: REUTERS/Valentyn Ogirenko.
Spoofing
E-mail and IP spoofing are a few common hacking techniques encountered by users worldwide. E-mail spoofing involves altering the header of an e-mail to make it look legitimate. For instance, a black hat hacker can make an e-mail look as if it came from your bank or any other source you may trust. IP spoofing, on the other hand, refers to an illegitimate packet sent to a computer with an altered IP address, so that it appears to come from a trusted host. This is carried out in the hope that the packet will be accepted, allowing the sender access to the target machine.
Encryption
Encryption is a process of encoding a message or information to make it unreadable and secret. This ensures that the information concerned is revealed only to the authorized parties. Often, encryption is employed by hackers to extort money by unleashing ransomware on computer systems, thus locking out victims and encrypting their files. The decryption key is provided only when a certain ransom is paid.
Image: a message demanding money is seen on a monitor of a payment terminal at a branch of Ukraine’s state-owned bank Oschadbank after being hit by a ransomware attack.
Adware
Adware is typically software which acts as spyware to track a user’s browsing activities covertly. It then generates advertisements based on the user’s browsing history. Some adware is maliciously designed to pop up ads so frequently that it ultimately slows down your system. It can collect your personal information and browsing history and provide inputs for further phishing attacks. This hacking term is common in the marketing world.
Image: Google shows a warning when visitors visit such deceptive websites because of social engineering content.
Zero Day Threat
A zero-day threat refers to a threat which is undocumented and hence hidden from any antivirus scanner installed on the system. This kind of blind spot is inherent in antivirus scanners, because their developers build detection functionality on knowledge of known vulnerabilities, and so remain oblivious to undocumented ones. Such vulnerabilities are exploited through different vectors, most popularly web browsers and malicious e-mail attachments.
Brute Force Attack
Another common hacking term, used for getting past login pages. Brute force, aka exhaustive key search, is a trial-and-error method to decrypt data such as passwords, Data Encryption Standard (DES) keys or other encrypted information. This method is widely used to crack passwords to admin accounts, which in turn can be used to steal information and documents of paramount importance.
HTTPS
A highly searched hacking term of 2018, when Google Chrome announced that it would warn users who visit websites using HTTP. HTTPS, which stands for Hypertext Transfer Protocol with the “S” for “Secure”, is a basic framework that controls how data is transferred across the web. This protocol adds a layer of encryption to provide you with secure daily browsing of your bank, your email provider, and your social network. SSL and TLS are protocols used by HTTPS to provide an added identity proof to your website. It is advisable to avoid browsing websites over HTTP and to avoid entering any passwords or credit card details on them.
Bot
A bot is a software robot that runs automated tasks (scripts) over the Internet. Many search engines like Google and Bing employ bots, also called spiders, to scan websites and index them for the purpose of ranking them in the results of search queries. But when these bots are used by hackers, they can be programmed to perform malicious tasks, as well as to introduce malware into the system.
Botnet
A botnet refers to a network of bots controlled by a black hat. Applications of botnets include launching DDoS (Distributed Denial of Service) attacks, stealing data, sending spam, and allowing the attacker access to the device and its connection. A swarm of botnets not only helps cover the black hat’s tracks but also raises the intensity of the attack by attacking in a coordinated effort.
Distributed Denial of Service Attack (DDoS)
This hacking term is very common among hackers and is a major concern for website owners and developers. A DDoS attack is carried out with the aid of zombies or botnets controlled by black hats. By programming the botnets, the black hats command them to send data packets to the targeted web server from multiple systems. This floods the target server, slowing it down or even crashing and shutting it down, and thereby disrupting any activity. All the while, the user of the server is oblivious to the attack. Some of the most notorious attacks discovered lately were the Rio Olympics DDoS, which lasted for months; the attacks on Russian banks Sberbank and Alfabank by a botnet consisting of at least 24,000 computers located in over 30 countries; and the US presidential election campaign attacks.
Image: rise of DDoS attacks during the Rio Olympics.
Firewall
A firewall is a network security system which continuously monitors incoming and outgoing network traffic and blocks out any untrusted sources to ensure safe communications. A firewall can be hardware-based, software-based, or both. A well-designed and well-implemented firewall continuously monitors for malicious inputs; however, black hats strive to circumvent them. As a result, firewalls are continuously being updated, adjusted or replaced with new security measures over time.
Payload
Essentially, a payload is the cargo of data transmitted over a network. However, in black hat hacking terminology, a payload refers to the part of the virus that performs malicious actions, such as compromising data, destroying information, or hijacking the computer system.
Rootkit
Rootkits are one of the scariest methods of performing a cyber intrusion, mostly because they go undetected. Give a black hat a rootkit and he would perform the perfect heist. A rootkit is a malware program which can be installed on a system through various means. Just like a virus, a rootkit can be injected via e-mails, unauthenticated websites, infected hard drives etc. Once it is injected, a black hat can exploit unhindered access to remote applications as per his/her need. What makes it even more lethal is its ability to function at a low system level so as to erase its tracks and go undetected for a long time. Once introduced into a system, its activity is extremely hard to detect, even for skilled IT security professionals. It’s like the holy grail of hacking.
RAT
A Remote Access Tool or Remote Access Trojan (RAT) is a form of malware which can be operated by even an unskilled hacker. Once a RAT is installed on your system, the attacker gains complete control of the system. While a RAT can be used for legitimate purposes, like when a user wants to access his home computer from another location, it is largely used for illegitimate reasons.
Spam
This hacking term is commonly associated with e-mails. Spam is unsolicited e-mail, often used to spread advertisements. Often, spammers collect a huge database of e-mail addresses and randomly send them e-mails to promote products. However, spam can also be used to introduce malware into systems through phishing or by directing users to unauthenticated websites. The best practice is to delete spam as soon as you receive it, or to make use of a spam filter.
Worm
Similar to a virus, a worm is a destructive self-contained program which can self-replicate. A worm doesn’t need to be a part of a program; instead, it can transfer itself to multiple systems on a network without user intervention. A self-replicating worm can consume large amounts of memory and bandwidth while drastically reducing the speed of your system. If not removed in time, it can become devastating.
Cloaking
Hackers often use cloaking to present different content or URLs to human users and search engines, thereby cloaking them under legitimate-looking web material. Hackers use dynamic scripts and .htaccess rules to hide their tracks by returning a 404 or 500 error code to certain IP addresses or browsers while serving spam to other IP addresses or browsers. Google generally suspends your ads if it notices cloaking on your website.
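A site owner can look for the behaviour described above by requesting the same URL as different clients and comparing the answers. The following is an added example, not code from the original page; the function names, the two User-Agent profiles and the constructed stand-in responders are assumptions made for illustration.

```python
import hashlib
import urllib.error
import urllib.request

# User-Agent profiles to compare; a cloaked page answers them differently.
PROFILES = {
    "browser": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/120.0 Safari/537.36",
    "googlebot": "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)",
}

def http_fetch(url, user_agent):
    """Fetch url with the given User-Agent; return (status, body bytes)."""
    req = urllib.request.Request(url, headers={"User-Agent": user_agent})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:   # 404/500 answers still carry a body
        return err.code, err.read()

def check_cloaking(url, fetch=http_fetch):
    """Request url once per profile and report status or body differences."""
    seen = {}
    for name, agent in PROFILES.items():
        status, body = fetch(url, agent)
        seen[name] = (status, hashlib.sha256(body).hexdigest())
    return {
        "status_differs": len({s for s, _ in seen.values()}) > 1,
        "body_differs": len({d for _, d in seen.values()}) > 1,
        "seen": seen,
    }

# Constructed stand-ins so the check runs offline: one site that answers 404 to
# browsers but serves content to a crawler, and one that treats both alike.
def constructed_cloaked(url, user_agent):
    if "Googlebot" in user_agent:
        return 200, b"<html>spam links</html>"
    return 404, b"<html>Not Found</html>"

def constructed_clean(url, user_agent):
    return 200, b"<html>Welcome</html>"
```

A differing body hash alone is weak evidence, because pages with per-request content differ on every fetch, and cloaking keyed on IP address only shows up when the requests come from different networks.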