Top 10 Ways How Hackers Can Hack Facebook Accounts

1. Facebook Phishing
Phishing still is the most popular attack
vector used for hacking facebook accounts,
There are variety of methods to carry out
phishing attack, In a simple phishing attacks
a hacker creates a fake login page which
exactly looks like the real facebook page and
then asks the victim to login into that page,
Once the victim logins through the fake page
the victims “ Email Address” and “Password ” is
stored in to a text file, The hacker then
downloads the text file and get’s his hands on
the victims credentials.
2. Keylogging
Keylogging, according to me is the easiest
way to hack a facebook password, Keylogging
sometimes can be so dangerous that even a
person with good knowledge of computers can
fall for it. A keylogger is basically a small
program which once is installed on victims
computer will record every thing which victim
types on his/her computer. The logs are then
send back to the attacker by either FTP or
directly to hackers email address. I have
dedicated a half of my newsest book “An
introduction to keyloggers, RATS And
Malware” to this topic.
3. Stealers
Almost 80% percent people use stored
passwords in their browser to access the
facebook, This is is quite convenient but can
sometimes be extremely dangerous, Stealers
are software’s specially designed to capture
the saved passwords stored in the victims
browser, Stealers once FUD can
be extremely powerful. If you want to how
stealers work and how you can set up your
own one?, Kindly refer the book above.
4. Session Hijacking
Session Hijacking can be often very dangerous
if you are accessing Facebook on a http://
connection, In a Session Hijacking attack a
hacker steals the victims browser cookie
which is used to authenticate a user on a
website and uses to it to access victims
account, Session hijacking is widely used on
Lan’s. I have already written a three part
series on How session hijacking works? and
also a separate post on Facebook session
hijacking.
5. Sidejacking With Firesheep
Sidejacking attack went common in late 2010,
however it’s still popular now a days,
Firesheep is widely used to carry out
sidejacking attacks, Firesheep only works
when the attacker and victim is on the same
wifi network. A sidejacking attack is basically
another name for http session hijacking, but
it’s more targeted towards wifi users.
6. Mobile Phone Hacking
Millions of Facebook users access Facebook
through their mobile phones. In case the
hacker can gain access to the victims mobile
phone then he can probably gain access to
his/her Facebook account. Their are lots of
Mobile Spying softwares used to monitor a
Cellphone.
7. DNS Spoofing
If both the victim and attacker are on the
same network, an attacker can use a DNS
spoofing attack and change the original
facebook.com page to his own fake page and
hence can get access to victims facebook
account.
8. USB Hacking
If an attacker has physical access to your
computer, he could just insert a USB
programmed with a function to automatically
extract saved passwords in the browser.
9. Man In the Middle Attacks
If the victim and attacker are on the same lan
and on a switch based network, A hacker can
place himself b/w the client and the server or
he could also act as a default gateway and
hence capturing all the traffic in between,
ARP Poisoning which is the other name for
man in the middle attacks is a very broad
topic and is beyond the scope of this article.
10. Botnets
Botnets are not commonly used for hacking
facebook accounts, because of it’s high setup
costs, They are used to carry more advanced
attacks, A botnet is basically a collection of
compromised computer, The infection process
is same as the keylogging, however a botnet
gives you, additional options in for carrying
out attacks with the compromised computer.
Some of the most popular botnets include
Spyeye and Zeus.