Announcement

Collapse
No announcement yet.

Confused

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Discussion Confused

    My dads company website was hacked by the same people who hacked Sony and the CIA, my dads company is small, why would they want to hack his, and what do you think they were trying to find.
    Every temptation is of the devil, and every sin leads to death.

  • #2
    Re: Confused

    Usually they are not looking for anything at all. Mostly, when a site gets hacked it's to do one of several things:

    1. To leave behind a back door so the hacker can come back later and/or
    2. To install a bot script and/or
    3. To deface the site for the fun of it an/or
    4. To install a phishing site and/or
    5. To send email.

    Here's how it works:

    Hacker in say China hacks two servers - on in the UK (a) and one in Russia (b). He works from a public library or something where the IP address will not trace back to him. (Usually from two different IP addresses - one for each hack).

    On the server "a" he installs a PayPal or Chase Bank etc. look-alike site. (All the logo's, images, links look identical to the real thing). The only difference is when the unsuspecting customer logs in he will be sending his credentials to the hacker (username, password etc)

    On server "b" he installs a mail script to send thousands (or millions) of emails to PayPal or Chase etc. customers. Something like:

    Dear ____,
    We here at PayPal need some further information regarding your account. Please login here ____ <---this would be a link to server "a"
    to update your account immediately bla bla bla

    Sincerely
    PayPal Inc.
    The above emails would have all the right PayPal or Chase etc. images, logos etc and will look "legit". The only difference is the links in the email all go to server "a" which the hacker control and not PayPal or whatever.

    Server "a" and "b" are usually chosen in two different countries to make prosecution a lot more difficult if they get caught because to make a case of fraud one needs to prove the hacker hacked both servers because only the two together are actually the crime itself.
    Time's up

    Comment


    • #3
      Re: Confused

      Lulzsec already broke up, why do you think it was them?
      Don't bother quoting me, I'll go back and correct my posts about a dozen times so I can fix all the dumb mistakes, typos, and parts that don't make sense, once I'm done then you can quote it.

      Comment


      • #4
        Re: Confused

        [QUOTE=bob;2713832]Lulzsec already broke up, why do you think it was them?[/QUOTE

        Idk who that is but, my dads accountant (or someone that does the website) said it was them.
        Every temptation is of the devil, and every sin leads to death.

        Comment


        • #5
          Re: Confused

          Originally posted by bdh View Post
          Usually they are not looking for anything at all. Mostly, when a site gets hacked it's to do one of several things:

          1. To leave behind a back door so the hacker can come back later and/or
          2. To install a bot script and/or
          3. To deface the site for the fun of it an/or
          4. To install a phishing site and/or
          5. To send email.

          Here's how it works:

          Hacker in say China hacks two servers - on in the UK (a) and one in Russia (b). He works from a public library or something where the IP address will not trace back to him. (Usually from two different IP addresses - one for each hack).

          On the server "a" he installs a PayPal or Chase Bank etc. look-alike site. (All the logo's, images, links look identical to the real thing). The only difference is when the unsuspecting customer logs in he will be sending his credentials to the hacker (username, password etc)

          On server "b" he installs a mail script to send thousands (or millions) of emails to PayPal or Chase etc. customers. Something like:


          The above emails would have all the right PayPal or Chase etc. images, logos etc and will look "legit". The only difference is the links in the email all go to server "a" which the hacker control and not PayPal or whatever.

          Server "a" and "b" are usually chosen in two different countries to make prosecution a lot more difficult if they get caught because to make a case of fraud one needs to prove the hacker hacked both servers because only the two together are actually the crime itself.
          Thanks Bdh, I'll be sure to tell my dad so he'll watch out for that stuff.
          Every temptation is of the devil, and every sin leads to death.

          Comment


          • #6
            Re: Confused

            [QUOTE=Hunter121;2714029]
            Originally posted by bob View Post
            Lulzsec already broke up, why do you think it was them?[/QUOTE

            Idk who that is but, my dads accountant (or someone that does the website) said it was them.
            Lulzsec (Lulz security) are the guys who hacked Sony and defaced the CIA's public website.
            Don't bother quoting me, I'll go back and correct my posts about a dozen times so I can fix all the dumb mistakes, typos, and parts that don't make sense, once I'm done then you can quote it.

            Comment


            • #7
              Re: Confused

              That was a great explanation, thanks.
              My Website - Online Biblical Commentary

              Comment

              Working...
              X