"IMPORTANT: The content of this video is purely educational
and its sole purpose is to advise
and improve security in the computational systems
of the viewer."
Welcome, all of you my friends to a new episode of Hackwise!
As you may remember, in the previous video I asked you
to leave your ideas in a comment for the next episode.
And as always, Wisers, you all took action
and the most liked idea has been selected
and that is the following:
How to hack Instagram.
Thanks to everyone who commented their ideas,
don't worry if your idea was not selected,
I will keep it in mind for future Hackwise videos.
And, The Joker, congratulations, for your idea has been chosen!
Yes, I know some of you realized that actually,
the most liked idea was hacking Facebook
via brute force,
but I've already made a video about it previously
which I'll link to in the description so you can watch it.
I wanted to do something new and interesting
and slightly different from what we've done before.
That is why I decided to
use a few Spanish and Mexican youtubers as an example
of how they've gotten their Instagram accounts hacked
to explain this subject.
The main idea of this video is to learn
how Instagram accounts are hacked
to learn how to protect ourselves and improve our security.
Caeli: "If you...
follow me on Instagram you have realized that I
literally posted one picture every day, at least.
And Chamo was the same. And turns out that...
We haven't been able to log into our Instagram accounts.
We don't know what happened.
We don't know if we got hacked,
we don't know, we don't understand, simply
with the password each of us has,
we can't log in."
César: As we saw in the previous clip,
Caeli told us she had problems opening her Instagram account.
And this, to her, was intentional
since a hacker took control of her account.
Unfortunately, we know that the famous Mexican youtuber
called Caeli has experienced many incidents with her social networks,
she has been hacked many times.
And I think that probably on one of those times
the hack was caused by her using a friend's cellphone
because she ran out of battery maybe,
and someone simply could have been shoulder surfing.
Shoulder surfing is a straightforward technique:
spying on the victim when she enters her password
to try and capture it.
There are different techniques to do this.
Some people pretend to be sending a text message
while they're actually recording the victim
to analyze the video afterwards
in the comfort of their home
and find out what the password used by the victim was.
Shoulder surfing is a hacking technique supposedly
classified as social engineering.
I know, sounds too simple but truth is,
it happens quite often.
Since I'm talking about social engineering,
it's likely that other youtubers such as Juanpa Zurita
and DalasReview
have fallen victim to this type of technique.
Remember that social engineering is, basically,
manipulating the victims to obtain classified information.
It's said that, in security, the weakest link is always the user.
One of the most used techniques to steal Instagram accounts
through social engineering is the use of phishing and scams.
Now I'll show you how these attacks work.
Let's assume we know some information
and we know the victim is a famous Mexican male youtuber
and we know his e-mail address.
With this information we can make a plan
and carry out a social engineering attack with the aid of technology.
The hacker starts by stealing a girl's identity
that they think the victim may like.
After that, they set up a website identical to an Instagram user profile
using the girl's picture and information.
The hacker e-mails the victim with a convincing story
that should be enticing
so the victim will click the link in the e-mail.
At that moment the victim clicks the "follow" button
to supposedly keep in touch with the girl
hoping to communicate through DMs.
And then, a fake Instagram login appears
programmed by the hacker.
At that moment the hacker captures the
victim's password and takes over the account.
What I just showed you is social engineering
with help from technology and clever wit.
And I'll tell you what the easiest ways to detect
this type of attack are.
Another tip I can give you is:
if you're going to use Instagram through a link
you get via e-mail or instant messaging,
when you click and open it
take a good look at the address bar
in your browser and make sure it says instagram.com
and not anything else.
If you see any variation do NOT attempt to log in.
Well, that's enough of Caeli, we're leaving her alone.
Let's talk about the Juanpa Zurita case.
Some time ago, the Mexican youtuber, Juanpa Zurita
was hacked, and we found out because he shared on his social networks
that something was not right with his Instagram account.
Turns out that when visiting his account,
we could see it did not exist.
Thing is, he was probably a victim of a social engineering attack,
such as the one I previously showed you with Instagram fakes.
But, it is highly likely that in this case
the hack was carried out by an insider.
Someone in his work team.
Maybe you're asking yourself, how?
It's well known that when a youtuber grows
as much as Juanpa Zurita,
they may hire some people to help them manage their social media,
aiming to create more and better content.
It's likely that at some point Juanpa Zurita
stopped working with one of these employees
that managed the social networks
and that's when that person decided to delete
Juanpa Zurita's Instagram account.
Obviously for a normal user, if this happens -
if someone deletes your Instagram account
you're fried; you'll lose your account completely.
But due to the "size" of someone like Juanpa Zurita,
the company behind Instagram helps them recover the account
and even some of the deleted data.
But, in the end, Juanpa Zurita's fame and numbers
helped his account return to normal.
Do you realize how the weakest link
in any system is always the human being?
And now, let's move onto more delicate and important things.
Let's talk about the case I deem most interesting for this video:
The Spanish youtuber, DalasReview's case.
"Hi."
"GOOD MORNING."
"I've been HACKED."
"My Instagram..."
It's common for users to recycle their password
and use it on all the sites and services on the Internet.
This is done because it's seen as "practical"
and easier to remember.
What? Does that sound familiar?
Maybe you'll worry a bit after I've told you the following:
On the Internet, there are black hat hacking groups
that dedicate themselves to stealing user and password databases.
Their objective being to use the information to their advantage
or simply selling it to the highest bidder.
This type of database tends to contain e-mails, passwords
and some of the users' personal information.
After some time, the hackers tend to publish these databases,
and that is known as a leak.
(in Spanish, "filtrado de información", information leak)
Then, what happened in this specific case
regarding DalasReview's Instagram account
is that a hacker decided to look for Dalas' e-mail account
and found a password that Dalas had recycled;
it was the same password he used
to log into Instagram, and this is how the hacker got access.
I'll teach you how these leaked databases look and work.
The hacker, once having different leaked databases,
creates a script which allows searching
e-mails and passwords with a single query.
The query can be a specific e-mail
or a keyword contained in the e-mail.
Done! The hacker has obtained the password contained in the leak
and if the victim has not changed their password
after the database was leaked,
then let's say they have a serious problem.
To prevent being hacked by someone
that searches these kinds of leaks,
I suggest that you change all your passwords
in a regular way and avoid reusing the same password
in different systems.
I also suggest that the e-mail you use to access social media
is not made public in any way.
I want to thank our friends at CompraLicencias.com
since thanks to them this video was made.
If you don't want to be a victim of malware
for using a pirated copy of Windows or other software,
I recommend compralicencias.com
The website where you can find genuine licenses starting at $469 MXN.
Remember to visit compralicencias.com
the website where you can acquire an original license
for your favorite programs.
And well, my friends, that's all for today's video.
I hope you liked it, if you did please hit the like button
and don't forget to share it with your friends.
Remember that my name is César Gaytán,
@mrebola on Twitter, hackwisemx on Facebook,
mr.ebola on Instagram,
see you next time!