Criminal Minds Case.1-2

Continued from
She doesn’t even know what she did just same as most of uneducated people about the internet security.

  1. The hacker injected ROOTKIT into her PC.
    He can do everything he wants.

  2. The hacker was watching her PC for a long time.
    a. Keyboard typing.
    b. Her favorite sites.
    c. What time she mostly uses her internet or pc work.
    d. Etc.

A lot of people are using same ID/PASSWORD for log-in accounts.

  1. The hacker took her ID/PASSWORD easly from other site or just got from her keyboard typing.
  2. Alright… now the hacker can login her banking account.

<What does the hacker know?>

  1. Login ID/PASSWORD
  2. Password for transfer.

However, there are still some protections for safe banking.
Yes, Encrypted Certification!
There are a few ways take a Certification.

  1. Using Sniffing.(her IP range is different from hacker’s. Is it possible?
    Don’t forget…her pc is already under control.)
    This is easy to do.
  2. Renewing from the bank.
    This is hard to do. If you want to get a certification, there are other protections
    to prove identification for the owner. CELL phone respond required(the bank sends you Secrete code then you type it), personal information required(social security number, name ,phone number etc)
  3. Copying from her HDD or any removable drive.
    This is easy to do.

So, finally he got the Certification!!(we don’t need a certification hacking in this case.
I’m going to talk about Certification hacking with other Cases later)
Anything we missed?

Yes, there is Final Gate. THE SECURITY CARD.

(the bank gives you)

(web page shows you)

How to do now?
How to find all of digit numbers?

To be continued.

[attachment deleted by admin]