Voici les logiciels qu’utilisent les pirates pour dérober vos mots de passe

Voici les logiciels qu'utilisent les pirates pour dérober vos mots de passe

Hackers rely on a variety of tools to break into your online accounts. Here is a selection of the best in the field.

Password theft and trafficking is, as we know, one of the pillars of cybercriminal activity. According to security researchers at Digital Shadows, more than 24 billion username and password pairs have been stolen in the last six years before ending up on hacker forums and other illegal shops.

But how do hackers manage to recover all these passwords? What techniques do they use? According to the Digital Shadows report, email phishing is obviously still the real way to access Internet users’ secret codes. But there are also more specialized and lesser-known tools that hackers use to achieve their ends.

Redline, the data vacuum

Because phishing doesn’t always work or isn’t appropriate, hackers can use malicious code to bypass passwords stored on a system. One of the most used software in this case is Redline Information Stealer. It costs around $200 and is quite easy to implement. Hackers often deliver it via booby trap messages, in the form of an Excel extension (XLL).

Digital Shadows / Redline support service on Telegram

Once installed on a computer, it will search for it from top to bottom. In particular, it will extract the data stored in web browsers, where it will be able to recover cookies or, specifically, passwords. Redline is also capable of detecting the existence of certain processes, such as antiviruses. This makes it possible to create relatively complex attack strategies. If it works, it’s the jackpot. Because compared to phishing, malware allows many identifiers to be retrieved at once.

OpenBullet, the credential stuffing specialist

The hacker who owns a batch of tokens will try to make the most of this asset. How ? Applying these identifiers on other sites. Everyone knows, in fact, that many Internet users use the same password on multiple sites. Of course, it is not about doing it by hand. According to Digital Shadows, the most popular software to automate this task is OpenBullet. It is often used in conjunction with a proxy service, so that the IP address can be changed with each connection attempt. This allows hackers to remain discreet and avoid being blocked by an online service.

OpenBullet
Digital Shadows / OpenBullet Home Page

Available for free on GitHub, Open Bullet was originally created by security researchers to make penetration testing easier. However, for it to work properly, the user must define “settings” that allow the software to properly handle the authentication process. Specifically, the tool must know where to put the username and password and be able to detect a successful connection. But do not panic: these configurations are sold on hacker forums. So pirates don’t really have to rack their brains.

HashCat, the footprint breaker

When hackers gain access to user databases, they typically do not recover plaintext passwords, only their cryptographic fingerprints (“hashes”). This is a one-way mathematical transformation that allows a password input to be validated without having to manipulate the actual password. In theory, no online service should store passwords in plain text, only cryptographic fingerprints.

By definition, there is no simple method to find a password from its hash. The only way to do this is to compute the hashes of many passwords and compare them to the password you are looking for. It is often long and tedious, which is why hackers use software, in this case HashCat.

hashish
Digital Shadow / HashCat is used on command lines

Its advantage is that it allows you to define calculation strategies to go faster. One can, for example, load one or more “dictionaries”, ie large compilations of frequently used passwords. Hackers can also define “masks” for these dictionaries, in other words, patterns for building passwords. Example: a word that starts with a capital letter and ends with a number and a special character. This is one of the patterns most used by Internet users. But it is possible to program much more complex patterns. The goal is to avoid stupid, nasty, and very slow brute force computation as much as possible.

Font :

digital shadows

#Voici #les #logiciels #quutilisent #les #pirates #pour #dérober #vos #mots #passe

Leave a Reply

Your email address will not be published. Required fields are marked *