
Facebook is one of the most widely used social networking sites, with
more than 750 million users, which is why it has become the
number 1 target of hackers. I have written a couple of posts related to
Facebook hacking here at RHA. In my previous post related to Facebook hacking and security, which I wrote in 2010, 4 ways on How to hack facebook password, I
mentioned the top methods which were used by hackers to hack Facebook
accounts. However, lots of things have changed in 2012: lots of methods
have become outdated or have been patched by Facebook, and lots of new
methods have been introduced. So in this post I will write about the top 10
methods hackers can use to hack Facebook accounts in 2011.
So here are the top 10 methods which have been the most popular:
1. Facebook Phishing

Phishing is still the most popular attack vector used for hacking
Facebook accounts. There are a variety of methods to carry out a phishing
attack. In a simple phishing attack, a hacker creates a fake login page
which looks exactly like the real Facebook page and then asks the victim
to log in to that page. Once the victim logs in through the fake page,
the victim's "Email Address" and "Password" are stored in a text file. The hacker then downloads the text file and gets his hands on the victim's credentials.
2. Keylogging
Keylogging, according to me, is the easiest way to hack a Facebook
password. Keylogging can sometimes be so dangerous that even a person
with good knowledge of computers can fall for it. A keylogger is
basically a small program which, once installed on the victim's computer,
will record everything the victim types on his/her computer. The logs
are then sent back to the attacker either by FTP or directly to the hacker's
email address. I have dedicated half of my newest book, "An introduction to keyloggers, RATS And Malware", to this topic.

3. Stealers

Almost 80 percent of people use stored passwords in their browser
to access Facebook. This is quite convenient but can sometimes
be extremely dangerous. Stealers are software specially designed to
capture the saved passwords stored in the victim's browser. Stealers, once
FUD (fully undetectable), can be extremely powerful. If you want to know how stealers work and how
you can set up your own one, kindly refer to the book above.
4. Session Hijacking

Session hijacking can often be very dangerous if you
are accessing Facebook over an http:// connection. In a session hijacking
attack, a hacker steals the victim's browser cookie, which is used to
authenticate the user on a website, and uses it to access the victim's
account. Session hijacking is widely used on LANs. I have already
written a three-part series on How session hijacking works? and also
a separate post on Facebook session hijacking.
5. Sidejacking With Firesheep

Sidejacking attacks became common in late 2010; however, they are still
popular nowadays. Firesheep is widely used to carry out sidejacking
attacks. Firesheep only works when the attacker and victim are on the
same WiFi network. A sidejacking attack is basically another name for
HTTP session hijacking, but it's more targeted towards WiFi users.
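
The cookie theft described in sections 4 and 5 depends on the session cookie travelling over plain http://. As an added example (not part of the original post), this Python check audits a site's response headers for the settings that keep that cookie off cleartext connections; the cookie name `session_id` and the sample headers are constructed assumptions.

```python
"""Audit response headers for the cookie settings that make sidejacking possible."""

# Constructed sample responses (not captured from any real site).
# Each is a list of (header-name, header-value) pairs as a server might send them.
WEAK_RESPONSE = [
    ("Set-Cookie", "session_id=abc123; Path=/"),
    ("Set-Cookie", "lang=en; Path=/; Secure"),
]
HARDENED_RESPONSE = [
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
    ("Set-Cookie", "session_id=abc123; Path=/; Secure; HttpOnly; SameSite=Lax"),
]

def parse_set_cookie(value):
    """Return (cookie_name, set_of_lowercased_attribute_names)."""
    first, *attrs = [part.strip() for part in value.split(";")]
    name = first.split("=", 1)[0]
    return name, {a.split("=", 1)[0].lower() for a in attrs if a}

def audit(headers, session_cookies=("session_id",)):
    """List findings for cookies named in session_cookies (names are assumptions)."""
    findings = []
    names = {k.lower() for k, _ in headers}
    if "strict-transport-security" not in names:
        findings.append("no HSTS header: browser may still make plain http:// requests")
    for key, value in headers:
        if key.lower() != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        if name not in session_cookies:
            continue  # only cookies that authenticate the user matter here
        if "secure" not in attrs:
            findings.append(f"{name}: missing Secure, cookie is sent over http:// in cleartext")
        if "httponly" not in attrs:
            findings.append(f"{name}: missing HttpOnly, cookie is readable by page scripts")
    return findings

if __name__ == "__main__":
    for label, resp in (("weak", WEAK_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        print(label, audit(resp) or "ok")
```
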
6. Mobile Phone Hacking

Millions
of Facebook users access Facebook through their mobile phones. If
the hacker can gain access to the victim's mobile phone, then he can
probably gain access to his/her Facebook account. There are lots of
mobile spying software packages used to monitor a cellphone.
7. DNS Spoofing
If both the victim and attacker are on the same network, an attacker
can use a DNS spoofing attack to replace the original facebook.com page
with his own fake page and hence get access to the victim's Facebook
account.