We just saw the most common abbreviations used by hackers. Now let us demystify some of the jargon and terminologies that you’ll find in the field of digital security. This is a comprehensive and up-to-date list of the most important words and phrases that you’re sure to encounter no matter which hat you choose to wear. These are the most common terms used by hackers.
Malware, short for malicious (or malevolent) software, is software used by attackers to disrupt a victim’s computer operation, gather sensitive information, or gain access to private networks. It can appear in the form of executables (like batch file viruses), scripts or even as a part of other software. Malware is a general term used to refer to a variety of forms of hostile or intrusive software such as:
Adware is software designed to forcefully spam your system with ads. Some adware can pop up ads with such speed and frequency that they seem to be taking over everything, slowing down your system and tying up all of your system resources. However, the more subtle kind of adware that slowly inserts advertisements and tries to remain undetected for a long time is usually more successful.
A backdoor is a point of entry that circumvents normal security measures and can be used by a hacker to access a network or computer system. Backdoors aren’t necessarily evil. They are also used by system developers, network administrators and customer support. Backdoors effectively allow complete remote control of a system to the master. Hackers can spread their own backdoors by using a virus or a Trojan to set it up, thereby allowing them future access at their leisure.
A time bomb is a malicious program designed to execute at a predetermined time and/or date. Time bombs are often set to trigger on special days like holidays, or sometimes they mark things like Hitler’s birthday or 9/11 to make some sort of political statement. What a time bomb does on execution could be something benign like showing a certain picture, or it could be much more damaging, like stealing, deleting, or corrupting system information. Until the trigger time is achieved, a time bomb will simply remain dormant.
A Trojan is a malicious software used to hack into a computer by misleading users of its true intent. The term is derived from the Ancient Greek story of the wooden horse that was used to help Greek troops invade the city of Troy by stealth.
The payload is the part of the malware program that actually executes its designed task, such as damaging the system or installing a backdoor or stealing information.
A self-replicating program that inserts itself into computer systems and causes damage. They can also be spread as the payloads of a Trojan.
A worm is a malicious program that can replicate itself onto other computers on a network. Unlike a virus, worms don’t need a human to be able to spread and infect systems. Once it infects a system, it uses that system to send out other copies of itself to other random systems attempting to infect them.
A logic bomb is a malicious program designed to execute when a certain criterion is met. A time bomb could be considered a logic bomb because when the target time or date is reached, it executes. But logic bombs can be much more complex. They can be designed to execute when a certain file is accessed, or when a certain key combination is pressed, or through the passing of any other event or task that is possible to be tracked on a computer. Until the trigger event the logic bomb was designed for passes, it remains dormant.
The malware most likely to have a human touch. Rootkits are installed by hackers on their victim’s computers. The rootkit is designed to camouflage itself in a systems core processes so as to go undetected. It is the hardest of all malware to detect and remove. Rootkits commonly attempt to install a backdoor and grant the hacker administrative (root level) privileges.
A keylogger is a spyware program that is designed to log every keystroke made on a computer. The information that is collected can then be saved as a file and/or sent to another machine on the network or over the Internet, making it possible for someone else to see every keystroke that was made on a particular system. By using this information, it can be easy for a hacker to recreate your usernames and passwords, putting all kinds of information at risk and susceptible to misuse.
Remote administration Tools are a means of controlling other computers from yours. A backdoor is a form of a remote administration tool.
A polymorphic virus is a virus that will change its digital footprint every time it replicates. Antivirus software relies on a constantly updated and evolving database of virus signatures to detect any virus that may have infected a system. By changing its signature upon replication, a polymorphic virus may elude antivirus software, making it very hard to eradicate.
A cookie is a small packet of information from a visited webserver stored on your system by your computer’s browser. It is designed to store personalized information in order to customize your next visit. For instance, if you visit a site with forms to fill out on each visit, that information can be stored on your system as a cookie so you don’t have to go through the process of filling out the forms each time you visit.
process where a hacker gains entry into a computer or network and then uses it to gain access to another.
Internet protocol address is the distinctive numeral fingerprint that each device carries that’s connected to a network using Internet Protocol. If you have a device’s IP address you can often identify the person using it, track its activity, and discover its location. These addresses are apportioned by the regional Internet registries of the IANA (the Internet Assigned Numbers Authority). Hackers can use knowledge of your IP address to break into your system over the internet.
It is the action of hacking into a telecommunications network (such as Verizon or Vodafone) for the purposes of, for example, obtaining free calls or data. It is now a mostly defunct practice as modern communication systems are highly secured and nearly impossible to break into.
A Virtual private network can simply be thought of as accessing a normally geographically distant system from your own. A VPN allows it’s users to hide their identity by routing all connections from your system through the VPN. Hence, any websites you visit while using a VPN will see the VPN’s IP address and not yours.
A virtual private server is a virtual machine sold as a service by an Internet hosting service. They are meant to be functionally equivalent to dedicated servers (you can host websites on them).
Internet relay chat is a protocol used for both groups and for one-on-one conversations. Often utilized by developers and hackers to communicate or share files. Because they are usually unencrypted, hackers can sometimes use packet sniffers to steal personal information from them.
A bot is a software “robot” that performs an extensive set of automated tasks on its own. Search engines like Google use bots, also known as spiders, to crawl through websites in order to scan through all of your pages. In these cases bots are not meant to interfere with a user, but are employed in an effort to index sites for the purpose of ranking them accordingly for appropriate returns on search queries. But when black hats use a bot, they can perform an extensive set of destructive tasks, as well as introduce many forms of malware to your system or network. They can also be used by black hats to coordinate attacks by controlling botnets.
A botnet is a network of computers under the control of a person. When the person is launching a DDoS attack for instance, they will use a botnet under their control to accomplish it. Most often, the users of the systems will not even know they are involved or that their system resources are being used to carry out DDoS attacks or for spamming. It not only helps cover the black hat’s tracks, but increases the ferocity of the attack by using the resources of many computer systems in a coordinated effort.
Denial of Service is a type of attack meant to overload a system so that it is unable to service normal users. DoS may be used against a website or computer network to make it temporarily unresponsive. This is often achieved by sending so many content requests to the site that the server overloads. Content requests are the instructions sent, for instance, from your browser to a website that enables you to see the website in question. Some have described such attacks as the Internet equivalent of street protests and some groups, such as Anonymous frequently use it as a protest tool.
A DoS using a number of separate machines, typically a botnet. DDoS attacks are one of the most destructive hacking techniques, costing billions in damages to companies each year. Some of the biggest DDoS attacks can reach speeds of up to hundreds of Gigabits per second.
The act of rummaging through the trash of an individual or business to gather information that could be useful for a cyber criminal to gain access to a system or attain personal information to aid them in identity theft or system intrusion. One person’s garbage can indeed be a cyber criminal’s treasure.
Every threat to your computer security has to start somewhere. Unfortunately, the way most of us protect ourselves from cyber threats and intrusions, is to use detection programs (anti-viruses) that are based on analyzing, comparing and matching the digital footprint of a possible threat to an internal database of threats that have been previously detected, reported and documented. That’s why we all have to go through those seemingly never-ending updates to our antivirus programs, that’s how the database is updated and the newest threats are added to the list of what the scanners look for. That inherent flaw in our scanners is what makes a Zero Day threat so dangerous. A Zero Day threat is pristine and undocumented. From the very first day a particular threat is ever deployed (zero day) until that threat is noticed, reported, documented and added to the index, it is an unknown. As far as standard protection goes, unknown means invisible – and when it comes to cyber threats, invisible can definitely mean trouble.
Discovering and publishing the identity of an otherwise anonymous Internet user by tracing their online publically available accounts, metadata, and documents like email accounts, as well as by hacking, stalking, and harassing.
A hash is a string or number generated by an algorithm from an input like a message or file. In a communications system using hashes, the sender of a message or file can generate a hash, encrypt the hash, and send it with the message. On decryption, the recipient generates another hash. If the included and the generated hash are the same, the message or file has almost certainly not been tampered with.
A false approach to security, obscurity is a way of dealing with security holes by trying to hide them and hoping nobody finds them instead of fixing the bug properly
And now you are a bit closer to becoming a real hacker. Let’s continue onwards and learn about the most common tools used by hackers and penetration testers.
Author @Akhil Naidu