Black hat hackers (criminal hackers) are some of the most notorious people on earth. And since their operations are executed mainly on the internet, where almost everything happens, anyone can be a victim. Surprisingly, as much as you’d like to think you’re protected, you may have been a victim at some point in time. This could be through a fake login page, social engineering, or even cookie theft.
There are several ways to earn money as a black hat. One is being a hacker for hire, basically an online mercenary. Other ways include stealing credit card information from victims and selling the numbers on the dark web, or using a victim’s machine for crypto mining.
Because unethical or black hat hacking is illegal, most hackers mask their identities with special software. So, how do you know a hacker when you see one? Well, you wouldn’t. No one carries around IDs that profile them as cybercriminals, which is why this article explains how they operate, so you can stay wary.
How Do Hackers Steal My Data?
Your data can be stolen by hackers in several ways. Some of the common ways hackers can steal your information are listed below:
There are many variants of malware that can be used to steal your data. They include keyloggers, info stealers, and remote access trojans (RATs). Hackers can use these to target login information, browser autofill data, and cryptocurrency wallet information.
Specific variants, such as the notorious Vega information stealer, and malicious macros in Word, Excel, or PDF files are all valid threats to a victim. After the victim has become infected, the files are exfiltrated to a remote server controlled by the attacker.
Malware is mainly spread via malicious email attachments, drive-by downloads, malvertising, and pirated software.
Phishing is a form of social engineering in which hackers attempt to extract sensitive information from you. This may include login details, credit card information, and personally identifiable information (PII).
How are phishing scams conducted? A scammer poses as a reputable company like Google, Netflix, or Amazon, telling you there’s a problem with your account. You’re encouraged to click a link where you’re prompted to log in to your account to resolve the issue.
This login data gets forwarded to hackers, who gain access to your real account. Phishing attacks typically arrive by email. They can also be delivered through social media and text messages (smishing).
Attacking passwords is another prevalent way hackers steal data from users. They can crack the password hash of your online accounts to gain access. This can be accomplished in the following ways:
- Password leaks: When service providers or companies are hacked, millions of passwords can leak. In some scenarios, they are dumped on the dark web for the most vile of governments and hackers to see; other times they are sold to said groups. Because most people use the same password for various activities, attackers copy them and use them to access other accounts (this leads to a password spraying attack).
- Brute force attacks: This method involves hackers trying out every possible character combination until the correct password is found. Short and weak passwords are very vulnerable to brute force attacks.
- Post-exploitation tools: Some tools are designed to extract passwords and other sensitive data stored in already-compromised systems. If you’re using a compromised system, a hacker can use post-exploitation tools like Mimikatz to steal your login details.
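The password-leak risk described in the list above can be checked from the defender's side. The following is an added example, not part of the original article: it audits a set of accounts for passwords that appear in a leaked list and for passwords shared between accounts, matching on a 5-character SHA-1 prefix the way range-query breach-checking services do. The leaked list, the vault contents, and all function names are constructed for illustration.

```python
import hashlib
from collections import defaultdict

# Constructed sample: passwords assumed to appear in a public breach dump.
LEAKED = ["password1", "qwerty123", "letmein"]

def sha1_hex(password: str) -> str:
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()

def build_range_index(leaked):
    """Index leaked hashes by 5-char prefix, as a range-query service would."""
    index = defaultdict(set)
    for pw in leaked:
        digest = sha1_hex(pw)
        index[digest[:5]].add(digest[5:])
    return index

def is_leaked(password, index):
    """Only the 5-char prefix selects the bucket; the suffix is compared locally."""
    digest = sha1_hex(password)
    return digest[5:] in index.get(digest[:5], set())

def audit(accounts, index):
    """Return (accounts using a leaked password, groups of accounts sharing one)."""
    leaked = sorted(name for name, pw in accounts.items() if is_leaked(pw, index))
    by_hash = defaultdict(list)
    for name, pw in accounts.items():
        by_hash[sha1_hex(pw)].append(name)
    reused = sorted(sorted(group) for group in by_hash.values() if len(group) > 1)
    return leaked, reused

# Constructed sample vault: account name -> password.
VAULT = {
    "bank": "qwerty123",
    "email": "qwerty123",
    "streaming": "T7#vq9!mZp2k",
    "forum": "letmein",
}

if __name__ == "__main__":
    leaked, reused = audit(VAULT, build_range_index(LEAKED))
    print("accounts with a leaked password:", leaked)
    print("accounts sharing a password:", reused)
```

Any account flagged in either result should get a new, unique password, since one leak exposes every account that shares it.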
A hacker can steal your data when you use unsecured connections like public Wi-Fi networks. Public Wi-Fi is often unencrypted, hence vulnerable to man-in-the-middle (MITM) attacks.
How Do Hackers Monetize Stolen Data?
Once a hacker has successfully stolen your data, the next thing they do is catalog it. They do this by arranging the stolen data in a database. The collected data can then be monetized in various ways. They can:
Utilize the data themselves
In some instances, hackers may use the data stolen from a victim to buy items online or to commit fraud. However, committing fraud is a less likely scenario since that tends to draw attention to them. Hackers can use your stolen data to do the following:
- Purchase items online
- Withdraw money from your bank account
- Submit bank loan applications
- Make fake health insurance claims
- Offset their debts
- Send multiple emails to your contacts, asking for money
- Steal the identity of the victim
- Sell the data to big corporations, governments, or individuals
Sell your login details
On the dark web, username and password sales are the order of the day. Shocking, right? A Symantec report shows how much stolen account credentials sell for on the black market. Depending on the haggling prowess of the hacker, this is what is obtainable:
- Gaming accounts: $0.50 – $12
- Video and music streaming accounts: $0.10 – $2
- Online banking accounts: 0.5% – 10% of what the account is worth.
Sell your PII
Hackers can mine a victim’s PII and then sell it on the black market accessible on the dark web. Recent data seems to be worth more than older data. Your PII data is worth the following:
- Name, SSN, and date of birth: $0.10 – $1.50
- Prescriptions from medical experts: $15 – $20
- Identity cards and valuable passport scans: $1 – $35
- Complete ID packages: $30 – $100
At this juncture, you may be compelled to ask, “What other ways besides selling do hackers make money?” The revenue streams of hackers are numerous. They most likely will benefit directly from the victim if they don’t sell the stolen data.
It will shock you that many ransomware strains have data exfiltration ability embedded in the payload. With this, hackers can encrypt your data and also steal it over common network protocols such as HTTP, HTTPS, FTP, DNS, and SMTP.
The purpose of ransomware is to use the stolen data to blackmail you into paying a considerable amount of money to have your files decrypted. There is no guarantee that the criminal will provide the decryption key, so it is wise not to pay the ransom.
Other things for a victim to consider with ransomware are:
- Has the user’s data been backed up securely to cloud storage or a physical storage medium?
- Are there extremely sensitive files on the infected device?
- Has the victim disconnected the device from the network?
- Is it known if the ransomware infection originated from the infected device or some other device connected to the same network?
What Effect Does Data Theft Have on Victims?
It might interest you to know that some cybercriminals have reputable jobs or businesses. Due to the fluidity of the internet, they have taken on “side jobs” to exploit unsuspecting individuals to generate some extra revenue.
But what scar does this leave on victims of cybercrimes? The repercussions of being a victim could be pretty overwhelming. They could put you through the stress of securing your compromised accounts or reversing fraudulent purchases. Some are annoying and tedious but don’t cause permanent damage.
For instance, if your SSN is stolen and used for fraud, it could affect your credit score and credit history. Repairing the damage can be challenging, and in the meantime it can bar you from making loan applications. In worse cases, you may be barred from renting a property or buying a home.
Almost all data theft is driven by the impulse to make more money. There are several ways hackers can harvest your data. Once this data is obtained, it’s up for sale on the black market within days or even hours. In other cases, the purpose is to use your machine to mine cryptocurrencies, earning the hacker money in the crypto market.
Understanding cyber security best practices will help you avoid the threat of most attacks, though sometimes even this isn’t enough. I hope this article has given you some insight into the money-making tactics of cyber criminals!