Simulation of Cyber-Attacks

Lets play “Hacker”!

 Lets make it clear:
• Hiring an experienced Hacker to demonstrate his techniques, is not an easy thing!

• You can always trust YouTube to find the videos you look for, but … we ‘re not here just to
watch some videos!

• We could use a prepared online course with videos and exercises, but…it takes to much
time…

What we will try to do here, is a little bit of all the above:

• Demonstration of simple tricks
• Perform simple exercises
• Watch some videos, too!
1.Spyware
• Keyloggers
• StalkWare / Parental Control Software
2.Brute force Attacks
• Hacking a remote service
• Cracking a network device password
3.Phishing through fake emails
4.“Evil” usb devices use
 GENERAL SECURITY ADVICES
• I keep my device’s Operating System updated
• I use current and updated Cyber - Defense software
• I do not use public devices for very
important tasks (eshoping, ebanking, etc)
• I choose different, unpredictable passwords, do not share
them, and change them occasionally
• I choose “two factor” verification, if optional

...I think twice before I click!

I need a volunteer (to write something for me)
Keyloggers:
• Works in “stealth” mode
• Keeps a log file of your keystrokes
• Keeps a log file with the applications you use
• Takes snapshots of your screen
• Can send reports to certain emails
Press Alt + ctrl + Shift + U on your computer…
Spyrix free keylogger
Stalker-ware: A special kind of Spyware
Stalker-ware: A special kind of Spyware
• …the evolution of keyloggers
• can literally record your life by detail!
• Used (mostly) by suspicious
husbands/wifes/girlfriends/boyfriends/parents/ employers …
• Many similarities with “parental control” software
Stalkerware is a spying app or software used to let someone else track your device. It is usually installed
without the user’s consent or even knowledge. In most cases, the stalker and the victim have a close
relationship, and the victim does not suspect they’re being spied on. Such apps can be used by parents to
monitor their kids, employers to track their employees, and insecure spouses to check on their partners.
• Visit www.qustodio.com
• Select Login  Qustodio for families
• Email: pc01.alikianos@yahoo.com
• Password: #alan01!
 BRUTE FORCE ATTACK

WHAT IT DOES
Brute Force Attacks refer to a trial and error
method utilized to find the username and
password mixes in order to gain access to an
account

• Dictionaries are being used

• Automated software can perform millions of trials in minutes
• Potentially can hack every existing account, but…
• …demands a very long time for strong passwords
• “old – school”, but still popular method
Brute force Attacks: Cracking a network device

I need a volunteer (to choose a password for me)

Tool to use: Hash Suite free version

• Performs brute force attach on

encrypted system files
• Uses rules for combinations
• Uses dictionaries
• Can gain access to local or
network device (wired or
wireless)
• Used also by Cyber Security
specialists to discover weak
accounts
Brute force Attacks: Cracking a network device

On your desktop, open the folder “Hash Suite

Free” and run the “Hash_Suite_64.exe”
application…
Brute force Attacks: Hacking a remote service
Tool to use: Brutus – AET2

• “…This is an old attack method, but it's still

effective and popular with hackers.”
(kaspersky.com)
• Now-days most web services have anti-measures
• Most popular (and updated) tools: Brutus,
Medusa, THC Hydra, Ncrack, John the Ripper,
Aircrack-ng, and Rainbow
• “…Many can find a single dictionary word
password within one second.” (kaspersky.com)
 Check your emails!

• Visit mail.yahoo.com
• Emails: pc01.alikianos@yahoo.com - pc08.alikianos@yahoo.com
• Passwords: #alan01! - #alan08!
 Fake Mailers

• Easy to find
• Many of them free of charge
• Advertised as “fun games” …
• …but can be dangerous!
• Some of them, really fully customizable

Visit https://emkei.cz to play a “fun game”

USB Devices Hacks:
• “Altered” devices which uses the USB port
• They run malicious applications on our
computers
• They can transmit data/receive commands
through embedded Wi-Fi sensors
• They result to an full-infected machine /
stolen data
• Evil USB keyboards, cables, flash drives, even
e-cigarettes
Lets create an “Evil” USB Device

• On your PC desktop search for the E-USB folder

• Open the Read-Me file
• Follow the instructions…
Some interesting Videos about Hacking…

https://www.youtube.com/watch?v=CV39QzFpJx4

https://www.youtube.com/watch?v=Vo1urF6S4u0

https://www.youtube.com/watch?v=V3CTfJ2ZP7M
Thanks for “paying Hacker” with me…
Take Care!