Hacking a Facebook account is a very difficult task and it is nearly impossible to hack a Facebook account in 2018 by exploiting security vulnerabilities in Facebook . Here in this tutorial we will discuss about the new methods by which we can hack into a Facebook account in 2018. Also we will discuss about the ways by which you can protect yourself from Facebook hacking.
Keep in mind there is no such tools to hack a Facebook account in 2018, also all Facebook hacking websites are fake.
New Methods through which one can hack Facebook accounts in 2018 are,
In Phishing attack an attacker will host a website which will look just like Facebook to his webserver and the attacker will share the links to the victim. If the victim logins into the Fake website of hackers with his real username and password, the attacker will log it and will use the same username and password to login to the victim account. An example of a facebook phishing page is given below.
Here this image will look exactly like Facebook but the domain is not Facebook. That domain is owned by attackers.
How to make yourself safe !
Enter your credentials only in www(.)facebook(.)com
Make sure that the connection is https
2) Mobile Device Hijacking
The second most common method used by hacker for hacking into your Facebook account is by Hijacking your smartphone. Facebook accounts will be connected to the mobile number of the victim, the attacker can get access to your Smart Phones using,
- Malicious Application that the victim installed from Play Store
- Installing Malicious Applications by using Social Engineering
- By getting access to custom ROMs
After getting access to the device of the victim the attacker can perfrom tasks like Reading Messages, Make Phone calls, Open camera etc.
Once getting access to the device the attacker will reset the password of your Facebook account. Facebook will send a message to the Smart Phone to which the hackers have access. The hackers will read the Reset Code and using that they will compromise the account.
Facebook 2 Factor Authentication can also be bypassed using this method, as the 2FA code will be messaged to the mobile number and as the attackers are having access to the Smart Phone they will get the code.
How to Make Yourself Safe !
Don’t install unwanted Applications
Don’t install Applications from unknown Sources
Keylogging is a method by which the attackers will Log all your keystrokes using some malicious softwares, Software keyloggers, Hardware Keyloggers etc.
A keylogger can either be a software of hardware.
A keylogger can also be used as a tool to record screen, perform actions such as installing another malicious software’s, to show advertisement etc. Keyloggers can’t be stopped by HTTPS as it is applicable only while transmitting data from one computer to another. Using Facebook from such an infected computer will give the attackers the username and passwords that we used as the software is recording all those keystrokes.
Here is an example for hardware keylogger.
Here we can see that the cable from keyboard is not directly connected to the CPU instead it is connected to an external keylogger hardware first and then it is connected to the CPU. The hardware keylogger will save all those keystrokes and will mail it to the attacker when connected to internet . Hardware keylogger is most commonly found in public internet cafes and Internet Stations. Criminals also uses keyboard overlay to capture keystrokes.
Vulnerable wireless keyboards can be exploited to get the Keystrokes which is passing between the keyboard and the computer.
How to Make Yourself Safe !
Avoid using public internet cafes.
Use On Screen keyboard while entering usernames and passwords.
Use anti-keylogger software’s which can protect you from keyloggers.
Don’t install unwanted Software’s.
4. By Exploiting Security Vulnerabilities of Facebook
Attackers can hack your facebook account by exploiting security vulnerabilities of Facebook. Facebook exploits are hard to find as the facebook is running Bug Bounty program’s and is giving huge cash rewards to researchers who point out vulnerabilities in Facebook.
Eligible websites includes
|Websites: facebook.com, fb.com, fb.me, messenger.com, thefacebook.com, accountkit.com
Apps: Ads Manager, Facebook, Facebook Lite, Workplace by Facebook, Groups, Hello, Mentions, Messenger, Moments, Pages Manager, Paper (by Facebook), Work Chat
Facebook fixed several vulnerabilities which included Account Takeovers and Page takeovers in 2018 and rewarded huge amounts to the ethical hacker community.
5. Stored Browser Passwords
We usually store passwords in Browsers while clicking on the Remember Me option. Such saved passwords can be viewed by opening the saved password tab in our browser. The passwords stored in the browser will be of plain text format and the attacker who is having access to our laptop can read those passwords.
Pendrives which can automatically read and save such passwords upon connecting it with a computer is also available so if an attacker with such a kind of pendrive or external storage device can access the Password tab and can automatically save all saved passwords in a .txt format while working in the background.
How to Make Yourself Safe !
Clear all passwords after using .
Prefer using your personal laptop for all such activities like Banking, Facebooking etc .
Don’t click Remember My Password while accessing Social Networking sites from unknown devices .
These all are the ways by which an attacker can hack your Facebook Accounts in 2018 !
Few Security Features of Facebook !
2 Factor Authentication
2FA is an additional security feature which requires entering a one time password to facebook in addition to the Username and Password. If you login from a new device facebook will send a Verification code to the registered mobile number and we can access Facebook on the new device after entering that Verification Code.
Facebook maintains an access log which contains all our login activities that is the IP during login, Location of login and the Device used to login into our facebook account. Facebook will notify its users if it found some login attempt from unknown devices or from unknown locations .
Security Researchers Community
Facebook is supported by a very big community of ethical hackers and security researchers. Facebook rewards researchers with very good rewards for reporting security vulnerabilities to facebook. And that community form the backbone of Facebook’s Security .
Thank You For reading !