How hackers can gain access to your device?

https://www.verizon.com/info/digital-security/what-to-do-if-hacked/

Phishing

Firstly, phishing is considered one of the oldest and most common ways hackers access a device. Phishing is impersonating a company or an individual to trick the victim into doing a task that the hacker wants. Most phishing attempts occur through email and often look like events that would persuade a victim to follow through on the email. Examples of phishing emails include claiming that the victim has won a prize, their financial institution needing to verify their credentials, and impersonating tech support that needs access to their computer and information. Suppose the victim follows through with the email/message. In that case, they hand over personal information such as passwords, banking information, or a vector for the hacker to deliver malware to the device.

Trojan

Another way that hackers can gain access to a device is by using trojans. Trojans are malware that gets on to a device by disguising itself as something else. The associated malware is often used to gain personal information and take over a device’s resources, such as processing power. Mobile device apps are a prime vector to pass trojans. To illustrate, hackers can create an app that looks similar to a harmless app, such as a calculator, but with the intent of stealing the user’s information. The app then inserts a trojan into the mobile device. When the user opens their banking app, the trojan creates a log-in page that looks similar to the one that looks like the banking app. However, unknown to the user, the log-in page captures the information and sends it to the hacker.

Bluetooth hacking

Additionally, Bluetooth hacking is a recent form of hacking, following the invention of Bluetooth. This hacking method is more sophisticated in that the hacker looks for devices with an open Bluetooth connection and must be in the range of the device, approximately 30 ft away. Both a Linux machine and python are used to hack Bluetooth connections. The Linux machine can access a Bluetooth dongle configuration and sense other Bluetooth devices. It can sense other nearby devices and pair to them, allowing upload and download of files. There is a python program called, “bluescan” which is a powerful Bluetooth scanner used on Linux machines. Below is an example of bluescan finding low-energy Bluetooth devices.

Sim swapping

Moreover, a modern and most sophisticated tactic hackers use is “Sim swapping. Scammers take advantage of text message and phone call two-factor authentication in sim swapping. To gain access to the sim card, hackers try to find sensitive information about their target through social engineering, including phishing and using trojan malware. The hacker then calls the target’s mobile carrier customer service and pretends to be the target. Their goal is to convince customer service that they need a new sim card activated. In turn, the hacker ports the target’s telephone number to the hacker’s mobile device. They can now receive any two-factor authentication codes and password reset requests sent to the target’s device.

Wi-Fi hacking

In addition, Wi-Fi hacking is when hackers pretend to be a legitimate Wi-Fi connection point to intercept data that passes through the connection. This method is also called an “Evil Twin Attack.” Hackers commonly prey on individuals using public Wi-Fi in busy areas such as malls, libraries, coffee shops, and airports. They will copy the legitimate network’s Service Set Identifier and set up a new account with the same identifier using a mobile device such as a cellphone, laptop, or portable router. Having the same identifier increases the chance that a victim will connect to the malicious network rather than the legitimate network since devices cannot differentiate between the two networks. When the victim connects, they are often taken to a fake log-in page to input credentials, and then the data is sent to the hacker. The victim is now connected to the hacker, and the hacker can monitor all of the victim’s online activity.

USB malware

Furthermore, USB sticks are ubiquitous that others do not give a second thought about inserting a free USB into their computer. USB malware can be hazardous and possible with free random USBs. Generally, with USB malware, hackers will deliver an infected USB to a victim via postal mail. They then trick the victim into plugging the USB into their computer, and the USB will automatically run malware. These infected USB sticks are called “BadUSBs,” and USB cables called “OMG Cable” perform similarly.

Internet of Things

Likewise, while it is common for mobile devices and computers to be hacked, items called the “Internet of Things” (IoT) can also be hacked. IoT refers to any device with an on/off switch connecting to the internet and other devices. Some examples of IoT devices include microwaves, self-driving cars, and fitness wearables. When IoT devices are hacked, it is often due to lack of updates, inability to manage security features, insecure access ports, and weak password credentials. The most common operating systems vulnerable to an IoT attack are Android and Windows.

General prevention and protection

Finally, hackers use tactics to exploit vulnerabilities to gain unauthorized access to a device. Signs that the device is hacked include a quickly drained battery, the application or device randomly shutting off or turning on, or unrecognized charges and subscriptions on your bills. Other signs include being unable to receive calls or texts or unable to access your accounts. Ways to prevent others from gaining access to your device include: updating your device and apps, using security software on your devices, turning off Wi-Fi and Bluetooth when not in use, and not using third-party app stores or unfamiliar apps. Other ways to protect yourself include: not providing personal information to anyone, including posting it online or over the phone, not advertising your financial assets, using unique passwords or a password manager for accounts, and not solely relying on your phone number for security or identification.

Takeaway

Technology makes it convenient for users to quickly access our sensitive information, such as our bank accounts. As technology has become increasingly sophisticated, the ways that hackers gain access to devices have developed as well. Phishing, trojans, Bluetooth hacking, and sim swapping are the standard ways hackers access our devices. The other ways hackers gain access to devices include Wi-Fi hacking and USB malware. Although hacking is more common for computers and mobile devices, IoT items are also susceptible to hacking. Users need to understand that it is essential to keep devices up to date, use strong passwords, and refrain from giving out personal information unless necessary to protect themselves from hackers.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store