Hacking and Phishing

Home , Jeremy Hammond, LulzSec, Script kiddie, Stratfor, Time bomb (software)

2018 NATIONAL SEMINAR US SENTENCING COMMISSION

National Seminar Denial of Service Attack (DoS) - DoS Metaphorically it extends to social knowledge of your IP address to your is used against a website or computer engineering in its manipulation of computer via one of its ports, the Hacking & Phishing Glossary: network to make it temporarily social code to effect change. Many points that regulate information traffic 2018 Annual National Seminar unresponsive. This is often achieved by prefer to use the term cracking to f low. sending so many content requests to describe hacking into a machine or the site that the server overloads. program without permission. Hackers IRC - Internet relay chat is a protocol Adware - Adware can mean the government intelligence to build frequently based in the former Soviet Content requests are the instructions are sometimes divided into white hat, used by groups and for one-on-one software that automatically generates backdoors into their products. Union. sent, for instance, from your browser to black hat, and gray hat hackers. conversations, often utilized by advertisements in a program that is Malware is often designed to exploit a website that enables you to see the hackers to communicate or share files. otherwise free, such as an online video back doors. Brute Force Attack - Also known as website in question. Some have Hacktivist - A hacker whose goals are Because they are usually unencrypted, game. But in this context it more an exhaustive key search, a brute force described such attacks as the Internet social or political. Examples range hackers sometimes use packet sniffers commonly means a kind of spyware Black hat - Black hat hackers are those attack is an automated search for every equivalent of street protests and some from reporting online anonymously to steal personal information from that tracks your browsing habits who engage in hacking for illegal possible password to a system. It is an groups, such as Anonymous frequently from a country that attacks free speech them. covertly to generate those ads. purposes, often for financial gain, inefficient method of hacking use it as a protest tool. to launching a DDoS campaign though also for notoriety. Their hacks compared to others like phishing. It’s against a company whose CEO has Keystroke Logging / Keylogger - Anonymous - A non-hierarchical (and cracks) result in inconvenience used usually when there is no Distributed Denial of Service Attack issued objectionable statements. Not to Keystroke logging is the tracking of hacktivist collective, Anonymous uses and loss for both the owners of the alternative. The process can be made (DDoS) - A DoS using a number of be confused with slacktivism, which which keys are pressed on a computer hacking (and arguably cracking) system they hack and the users. shorter by focusing the attack on separate machines. This can be refers to push-button activism in which (and which touchscreen points are techniques to register political protest password elements likely to be used by accomplished by seeding machines a supporter of a social or political used). It is, simply, the map of a in campaigns known as “#ops.” Best Bot - A program that automates a a specific system. with a Trojan and creating a botnet or, campaign’s goals does nothing but computer/human interface. It is used known for their distributed denial of usually simple action so that it can be as is the case with a number of register their support online, for by gray and black hat hackers to record services (DDoS) attacks, past activities done repeatedly at a much higher rate Clone Phishing - Clone phishing is the Anonymous attacks, by using the instance by “liking” a Facebook page. login IDs and passwords. Keyloggers have included attacks against the for a more sustained period than a modification of an existing, legitimate machines of volunteers. are usually secreted onto a device Church of Scientology; Visa, Paypal, human operator could do it. Like most email with a false link to trick the Hash - A hash is a number generated using a Trojan delivered by a phishing and others who withdrew their things in the world of hacking, bots recipient into providing personal Doxing - Discovering and publishing by an algorithm from a string of email. services from WikiLeaks’ Julian are, in themselves, benign and used for information. the identity of an otherwise characters in a message or other string. Assange after that group began a host of legitimate purposes, like anonymous Internet user by tracing In a communications system using Logic Bomb - A virus secreted into a releasing war documents; #OpTunisia online content delivery. However, they Code - Code is the machine-readable, their online publically available hashes, the sender of a message or file system that triggers a malicious action and others purporting to support the are often used in conjunction with usually text-based instructions that accounts, metadata, and documents can generate a hash, encrypt the hash, when certain conditions are met. The Arab Spring; and a campaign that cracking, and that’s where their public govern a device or program. Changing like email accounts, as well as by and send it with the message. On most common version is the time brought down the website of the notoriety comes from. Bots can be the code can change the behavior of the hacking, stalking, and harassing. decryption, the recipient generates bomb. Westboro Baptist Church. #Ops are used, for instance, to make the content device or program. another hash. If the included and the usually marked with the release of a calls that make up denial of service Firewall - A system using hardware, generated hash are the same, the LulzSec - LulzSec is an Anonymous video of a reader in a Guy Fawkes attacks. Bot is also a term used to refer Compiler - A compiler is a program software, or both to prevent message or file has almost certainly offshoot. It’s best-known actions were mask using a computer generated to the individual hijacked computers that translates high-level language unauthorized access to a system or not been tampered with. hacking user information from the voice. Offshoot groups include AntiSec that make up a botnet. (source code in a programming machine. website of Sony Pictures and for and LulzSec. language) into executable machine IP - Internet protocol address. It’s the allegedly shutting down the CIA Botnet - A botnet is a group of language. Compilers are sometimes Gray Hat - Just like the rest of life, distinctive numeral fingerprint that website with a DDoS attack. LulzSec’s AntiSec - An Anonymous splinter computers controlled without their rewritten to create a back door without hacking is often less black or white each device carries that’s connected to best known, however, for Hector group, AntiSec was best known for the owners’ knowledge and used to send changing a program’s source code. than it is gray. The term gray hat a network using Internet Protocol. If Xavier Monsegur, a.k.a. “Sabu,” a hack of security firm Stratfor, spam or make denial of service attacks. hacker reflects that reality. A gray hat you have a device’s IP you can often hacker turned FBI informant, whose publishing credit card numbers and Malware is used to hijack the Cookie - Cookies are text files sent hacker will break the law in the pursuit identify the person using it, track its intel led to the arrest of four other email addresses taken from the individual computers, also known as from your Web browser to a server, of a hack, but does not do so activity, and discover its location. LulzSec members. He faces the company’s site. Jeremy Hammond was “zombies,” and send directions usually to customize information from maliciously or for personal gain. Many These addresses are apportioned by the possibility of a long prison term despite arrested for alleged Anti-Sec activities through them. They are best known in a website. would argue Anonymous are gray regional Internet registries of the his cooperation. under the alias sup_g. terms of large spam networks, hats. IANA (the Internet Assigned Numbers Cracking - To break into a secure Authority). Crackers can use Malware - A software program Back Door - A back door, or trap door, computer system, frequently to do Hacking - Hacking is the creative designed to hijack, damage, or steal is a hidden entry to a computing device damage or gain financially, though manipulation of code, distinguished, information from a device or system. or software that bypasses security sometimes in political protest. albeit amorphously, from Examples include spyware, adware, measures, such as logins and password programming by focusing on the rootkits, viruses, keyloggers, and many protections. Some have alleged that manipulation of already written code more. The software can be delivered in manufacturers have worked with in the devices or software for which a number of ways, from decoy websites that code was already written. and spam to USB drives.

Hacking & Phishing Glossary: National 2018 Annual National Seminar Seminar

Denial of Service Attack (DoS) - DoS Metaphorically it extends to social knowledge of your IP address to your is used against a website or computer engineering in its manipulation of computer via one of its ports, the network to make it temporarily social code to effect change. Many points that regulate information traffic unresponsive. This is often achieved by prefer to use the term cracking to f low. sending so many content requests to describe hacking into a machine or the site that the server overloads. program without permission. Hackers IRC - Internet relay chat is a protocol Adware - Adware can mean the government intelligence to build frequently based in the former Soviet Content requests are the instructions are sometimes divided into white hat, used by groups and for one-on-one software that automatically generates backdoors into their products. Union. sent, for instance, from your browser to black hat, and gray hat hackers. conversations, often utilized by advertisements in a program that is Malware is often designed to exploit a website that enables you to see the hackers to communicate or share files. otherwise free, such as an online video back doors. Brute Force Attack - Also known as website in question. Some have Hacktivist - A hacker whose goals are Because they are usually unencrypted, game. But in this context it more an exhaustive key search, a brute force described such attacks as the Internet social or political. Examples range hackers sometimes use packet sniffers commonly means a kind of spyware Black hat - Black hat hackers are those attack is an automated search for every equivalent of street protests and some from reporting online anonymously to steal personal information from that tracks your browsing habits who engage in hacking for illegal possible password to a system. It is an groups, such as Anonymous frequently from a country that attacks free speech them. covertly to generate those ads. purposes, often for financial gain, inefficient method of hacking use it as a protest tool. to launching a DDoS campaign though also for notoriety. Their hacks compared to others like phishing. It’s against a company whose CEO has Keystroke Logging / Keylogger - Anonymous - A non-hierarchical (and cracks) result in inconvenience used usually when there is no Distributed Denial of Service Attack issued objectionable statements. Not to Keystroke logging is the tracking of hacktivist collective, Anonymous uses and loss for both the owners of the alternative. The process can be made (DDoS) - A DoS using a number of be confused with slacktivism, which which keys are pressed on a computer hacking (and arguably cracking) system they hack and the users. shorter by focusing the attack on separate machines. This can be refers to push-button activism in which (and which touchscreen points are techniques to register political protest password elements likely to be used by accomplished by seeding machines a supporter of a social or political used). It is, simply, the map of a in campaigns known as “#ops.” Best Bot - A program that automates a a specific system. with a Trojan and creating a botnet or, campaign’s goals does nothing but computer/human interface. It is used known for their distributed denial of usually simple action so that it can be as is the case with a number of register their support online, for by gray and black hat hackers to record services (DDoS) attacks, past activities done repeatedly at a much higher rate Clone Phishing - Clone phishing is the Anonymous attacks, by using the instance by “liking” a Facebook page. login IDs and passwords. Keyloggers have included attacks against the for a more sustained period than a modification of an existing, legitimate machines of volunteers. are usually secreted onto a device Church of Scientology; Visa, Paypal, human operator could do it. Like most email with a false link to trick the Hash - A hash is a number generated using a Trojan delivered by a phishing and others who withdrew their things in the world of hacking, bots recipient into providing personal Doxing - Discovering and publishing by an algorithm from a string of email. services from WikiLeaks’ Julian are, in themselves, benign and used for information. the identity of an otherwise characters in a message or other string. Assange after that group began a host of legitimate purposes, like anonymous Internet user by tracing In a communications system using Logic Bomb - A virus secreted into a releasing war documents; #OpTunisia online content delivery. However, they Code - Code is the machine-readable, their online publically available hashes, the sender of a message or file system that triggers a malicious action and others purporting to support the are often used in conjunction with usually text-based instructions that accounts, metadata, and documents can generate a hash, encrypt the hash, when certain conditions are met. The Arab Spring; and a campaign that cracking, and that’s where their public govern a device or program. Changing like email accounts, as well as by and send it with the message. On most common version is the time brought down the website of the notoriety comes from. Bots can be the code can change the behavior of the hacking, stalking, and harassing. decryption, the recipient generates bomb. Westboro Baptist Church. #Ops are used, for instance, to make the content device or program. another hash. If the included and the usually marked with the release of a calls that make up denial of service Firewall - A system using hardware, generated hash are the same, the LulzSec - LulzSec is an Anonymous video of a reader in a Guy Fawkes attacks. Bot is also a term used to refer Compiler - A compiler is a program software, or both to prevent message or file has almost certainly offshoot. It’s best-known actions were mask using a computer generated to the individual hijacked computers that translates high-level language unauthorized access to a system or not been tampered with. hacking user information from the voice. Offshoot groups include AntiSec that make up a botnet. (source code in a programming machine. website of Sony Pictures and for and LulzSec. language) into executable machine IP - Internet protocol address. It’s the allegedly shutting down the CIA Botnet - A botnet is a group of language. Compilers are sometimes Gray Hat - Just like the rest of life, distinctive numeral fingerprint that website with a DDoS attack. LulzSec’s AntiSec - An Anonymous splinter computers controlled without their rewritten to create a back door without hacking is often less black or white each device carries that’s connected to best known, however, for Hector group, AntiSec was best known for the owners’ knowledge and used to send changing a program’s source code. than it is gray. The term gray hat a network using Internet Protocol. If Xavier Monsegur, a.k.a. “Sabu,” a hack of security firm Stratfor, spam or make denial of service attacks. hacker reflects that reality. A gray hat you have a device’s IP you can often hacker turned FBI informant, whose publishing credit card numbers and Malware is used to hijack the Cookie - Cookies are text files sent hacker will break the law in the pursuit identify the person using it, track its intel led to the arrest of four other email addresses taken from the individual computers, also known as from your Web browser to a server, of a hack, but does not do so activity, and discover its location. LulzSec members. He faces the company’s site. Jeremy Hammond was “zombies,” and send directions usually to customize information from maliciously or for personal gain. Many These addresses are apportioned by the possibility of a long prison term despite arrested for alleged Anti-Sec activities through them. They are best known in a website. would argue Anonymous are gray regional Internet registries of the his cooperation. under the alias sup_g. terms of large spam networks, hats. IANA (the Internet Assigned Numbers Cracking - To break into a secure Authority). Crackers can use Malware - A software program Back Door - A back door, or trap door, computer system, frequently to do Hacking - Hacking is the creative designed to hijack, damage, or steal is a hidden entry to a computing device damage or gain financially, though manipulation of code, distinguished, information from a device or system. or software that bypasses security sometimes in political protest. albeit amorphously, from Examples include spyware, adware, measures, such as logins and password programming by focusing on the rootkits, viruses, keyloggers, and many protections. Some have alleged that manipulation of already written code more. The software can be delivered in manufacturers have worked with in the devices or software for which a number of ways, from decoy websites that code was already written. and spam to USB drives.

Master - The computer in a botnet that Rootkit - A rootkit is a set of software Spoofing - Email spoofing is altering Whaling - Spear-phishing that targets controls, but is not controlled by, all programs used to gain the header of an email so that it the upper management of for-profit the other devices in the network. It’s administrator-level access to a system appears to come from elsewhere. A companies, presumably in the hope also the computer to which all other and set up malware, while black hat hacker, for instance, might that their higher net worth will result devices report, sending information, simultaneously camouflaging the alter his email header so it appears to in either more profit, if the cracker is such as credit card numbers, to be takeover. come from your bank. IP spoofing is after financial gain, or that their higher processed. Control by the master of the the computer version, in which a profile will ensure the gray hat hacker bots is usually via IRC. Script Kiddie - A pejorative term for a packet is sent to a computer with the IP more exposure for his or her cause. would-be cracker without technical altered to imitate a trusted host in the NSA - The National Security Agency skills. Script kiddies use prefab hope that the packet will be accepted White Hat - An ethical hacker who is the U.S. intelligence group dedicated cracking tools to attack systems and and allow the sender access to the uses his skills in the service of social to intercepting and analyzing data, deface them, often in an attempt to target machine. good. The term may also be applied to specifically electronic data. score points with their peers. a hacker who helps a company or Spyware - Spyware is a type of organization, or users in general, by Payload - The cargo of a data Social Engineering - Social malware that is programmed to hide exposing vulnerabilities before black transmission is called the payload. In engineering is conning people into on a target computer or server and send hat hackers do. black hat hacking, it refers to the part giving you confidential information, back information to the master server, of the virus that accomplishes the such as passwords to their accounts. including login and password Worm - Self-replicating, standalone action, such as destroying data, Given the difficulty of breaking, information, bank account malware. As a standalone it does not harvesting information, or hijacking 128-bit encryption with brute force, for information, and credit card numbers. report back to a master, and unlike a the computer. example, social engineering is an virus it does not need to attach itself to integral element of cracking. Examples Syrian Electronic Army - The SEA is an existing program. It often does no Packet Sniffer - Sniffers are programs include phishing and spear-phishing. a pro-government hacking group, best more than damage or ruin the designed to detect and capture certain known for defacing high-profile computers it is transmitted to. But it’s types of data. Packet sniffers are Spam - Unwanted and unsolicited publications like the New York Times sometimes equipped with a payload, designed to detect packets traveling email and other electronic messages and National Public Radio (and the usually one that installs back doors on online. Packets are packages of that attempt to convince the receiver to Daily Dot). Recently, Vice and Krebs the infected machine to make a botnet. information traveling on the Internet either purchase a product or service, or on Security have doxed several alleged that contain the destination address in use that prospect to defraud the members of the group. Some have Zero Day Exploit - A zero day attack addition to content. Packets can be recipient. The largest and most accused them of being less hackers is a previously unknown vulnerability used to capture login information and profitable spamming organizations than script kiddies. in a system. A zero day attack is the passwords for a device or computer often use botnets to increase the first such use of the exploit by a network. amount of spam they send (and Time Bomb - A virus whose payload is cracker. therefore the amount of money they deployed at or after a certain time. Phishing - Tricking someone into make). giving you their personal information, Trojan Horse - A Trojan is a type of including login information and Spear-phishing - A more focused type malware that masquerades as a passwords, credit card numbers, and so of phishing, targeting a smaller group desirable piece of software. Under this on by imitating legitimate companies, of targets, from a department within a camouflage, it delivers its payload and organizations, or people online. company or organization down to an usually installs a back door in the Phishing’s often done via fake emails individual. infected machine. or links to fraudulent websites. Virus - Self-replicating malware that Remote access - Remote control is the injects copies of itself in the infected process of getting a target computer to machine. A virus can destroy a hard recognize your keystrokes as its own, drive, steal information, log like changing a TV with a remote keystrokes, and many other malicious control. Gaining remote access allows activities. you to run the target machine completely by using your own, Vulnerability - A weak spot hackers allowing for the transfer of files can exploit to gain access to a machine. between the target and the host. Denial of Service Attack (DoS) - DoS Metaphorically it extends to social knowledge of your IP address to your is used against a website or computer engineering in its manipulation of computer via one of its ports, the network to make it temporarily social code to effect change. Many points that regulate information traffic unresponsive. This is often achieved by prefer to use the term cracking to f low. sending so many content requests to describe hacking into a machine or the site that the server overloads. program without permission. Hackers IRC - Internet relay chat is a protocol Adware - Adware can mean the government intelligence to build frequently based in the former Soviet Content requests are the instructions are sometimes divided into white hat, used by groups and for one-on-one software that automatically generates backdoors into their products. Union. sent, for instance, from your browser to black hat, and gray hat hackers. conversations, often utilized by advertisements in a program that is Malware is often designed to exploit a website that enables you to see the hackers to communicate or share files. otherwise free, such as an online video back doors. Brute Force Attack - Also known as website in question. Some have Hacktivist - A hacker whose goals are Because they are usually unencrypted, game. But in this context it more an exhaustive key search, a brute force described such attacks as the Internet social or political. Examples range hackers sometimes use packet sniffers commonly means a kind of spyware Black hat - Black hat hackers are those attack is an automated search for every equivalent of street protests and some from reporting online anonymously to steal personal information from that tracks your browsing habits who engage in hacking for illegal possible password to a system. It is an groups, such as Anonymous frequently from a country that attacks free speech them. covertly to generate those ads. purposes, often for financial gain, inefficient method of hacking use it as a protest tool. to launching a DDoS campaign though also for notoriety. Their hacks compared to others like phishing. It’s against a company whose CEO has Keystroke Logging / Keylogger - Anonymous - A non-hierarchical (and cracks) result in inconvenience used usually when there is no Distributed Denial of Service Attack issued objectionable statements. Not to Keystroke logging is the tracking of hacktivist collective, Anonymous uses and loss for both the owners of the alternative. The process can be made (DDoS) - A DoS using a number of be confused with slacktivism, which which keys are pressed on a computer hacking (and arguably cracking) system they hack and the users. shorter by focusing the attack on separate machines. This can be refers to push-button activism in which (and which touchscreen points are techniques to register political protest password elements likely to be used by accomplished by seeding machines a supporter of a social or political used). It is, simply, the map of a in campaigns known as “#ops.” Best Bot - A program that automates a a specific system. with a Trojan and creating a botnet or, campaign’s goals does nothing but computer/human interface. It is used known for their distributed denial of usually simple action so that it can be as is the case with a number of register their support online, for by gray and black hat hackers to record services (DDoS) attacks, past activities done repeatedly at a much higher rate Clone Phishing - Clone phishing is the Anonymous attacks, by using the instance by “liking” a Facebook page. login IDs and passwords. Keyloggers have included attacks against the for a more sustained period than a modification of an existing, legitimate machines of volunteers. are usually secreted onto a device Church of Scientology; Visa, Paypal, human operator could do it. Like most email with a false link to trick the Hash - A hash is a number generated using a Trojan delivered by a phishing and others who withdrew their things in the world of hacking, bots recipient into providing personal Doxing - Discovering and publishing by an algorithm from a string of email. services from WikiLeaks’ Julian are, in themselves, benign and used for information. the identity of an otherwise characters in a message or other string. Assange after that group began a host of legitimate purposes, like anonymous Internet user by tracing In a communications system using Logic Bomb - A virus secreted into a releasing war documents; #OpTunisia online content delivery. However, they Code - Code is the machine-readable, their online publically available hashes, the sender of a message or file system that triggers a malicious action and others purporting to support the are often used in conjunction with usually text-based instructions that accounts, metadata, and documents can generate a hash, encrypt the hash, when certain conditions are met. The Arab Spring; and a campaign that cracking, and that’s where their public govern a device or program. Changing like email accounts, as well as by and send it with the message. On most common version is the time brought down the website of the notoriety comes from. Bots can be the code can change the behavior of the hacking, stalking, and harassing. decryption, the recipient generates bomb. Westboro Baptist Church. #Ops are used, for instance, to make the content device or program. another hash. If the included and the usually marked with the release of a calls that make up denial of service Firewall - A system using hardware, generated hash are the same, the LulzSec - LulzSec is an Anonymous video of a reader in a Guy Fawkes attacks. Bot is also a term used to refer Compiler - A compiler is a program software, or both to prevent message or file has almost certainly offshoot. It’s best-known actions were mask using a computer generated to the individual hijacked computers that translates high-level language unauthorized access to a system or not been tampered with. hacking user information from the voice. Offshoot groups include AntiSec that make up a botnet. (source code in a programming machine. website of Sony Pictures and for and LulzSec. language) into executable machine IP - Internet protocol address. It’s the allegedly shutting down the CIA Botnet - A botnet is a group of language. Compilers are sometimes Gray Hat - Just like the rest of life, distinctive numeral fingerprint that website with a DDoS attack. LulzSec’s AntiSec - An Anonymous splinter computers controlled without their rewritten to create a back door without hacking is often less black or white each device carries that’s connected to best known, however, for Hector group, AntiSec was best known for the owners’ knowledge and used to send changing a program’s source code. than it is gray. The term gray hat a network using Internet Protocol. If Xavier Monsegur, a.k.a. “Sabu,” a hack of security firm Stratfor, spam or make denial of service attacks. hacker reflects that reality. A gray hat you have a device’s IP you can often hacker turned FBI informant, whose publishing credit card numbers and Malware is used to hijack the Cookie - Cookies are text files sent hacker will break the law in the pursuit identify the person using it, track its intel led to the arrest of four other email addresses taken from the individual computers, also known as from your Web browser to a server, of a hack, but does not do so activity, and discover its location. LulzSec members. He faces the company’s site. Jeremy Hammond was “zombies,” and send directions usually to customize information from maliciously or for personal gain. Many These addresses are apportioned by the possibility of a long prison term despite arrested for alleged Anti-Sec activities through them. They are best known in a website. would argue Anonymous are gray regional Internet registries of the his cooperation. under the alias sup_g. terms of large spam networks, hats. IANA (the Internet Assigned Numbers Cracking - To break into a secure Authority). Crackers can use Malware - A software program Back Door - A back door, or trap door, computer system, frequently to do Hacking - Hacking is the creative designed to hijack, damage, or steal is a hidden entry to a computing device damage or gain financially, though manipulation of code, distinguished, information from a device or system. or software that bypasses security sometimes in political protest. albeit amorphously, from Examples include spyware, adware, measures, such as logins and password programming by focusing on the rootkits, viruses, keyloggers, and many protections. Some have alleged that manipulation of already written code more. The software can be delivered in manufacturers have worked with in the devices or software for which a number of ways, from decoy websites that code was already written. and spam to USB drives.

2018 NATIONAL SEMINAR US SENTENCING COMMISSION

Hacking & Phishing Glossary: National 2018 Annual National Seminar Seminar

2018 NATIONAL SEMINAR US SENTENCING COMMISSION

Hacking & Phishing Glossary: National 2018 Annual National Seminar Seminar