Kamis, 19 Agustus 2010

How Hackers Hack Orkut Profiles or Accounts!

Hackers follow some random hacking tricks to hack anyone’s Orkut profile or account. Since these hacking activities are increasing day by day and a lots of innocent people are getting their accounts hacked, I decided to come up with all the hacking tricks that hackers use to hack Orkut profiles. But from the very beginning, I want to mention one thing, treat this post for informational purposes only. Every hacker needs a security hole to start his hacking procedure, read out those holes and never leave them open again to keep your account secure.


Since Google is behind Orkut, hacking anyone’s Orkut profile is not a joke. Orkut respects all it’s user’s privacy and hence it uses multi level login encryption. Normal users feel that we provide our ID & password, hit enter and Orkut gets us signed in. Nope, things are not like that. Orkut uses 3 level security encryption to get a user signed in.

  1. First Level : Security SSL or 128 Bit secured connection
  2. Second Level : Orkut checks if your system is having any active/expired cookie in your system
  3. Third Level : Google applies a secure redirection to the account information provided by you

Orkut does not use any php/aspx/asp coding in Orkut pages, making it almost impossible for hackers to use input validation attack or brute force attack. Now you might be having one question in your mind, if Orkut is so secure, how are the accounts getting hacked? Read further.

How Hackers Hack Orkut Accounts :

If you think hackers are some black, tall persons with a black hat on their head and never come outside in day light, I would request you to refresh your thinking. The simple answer : A persons involved in illegal hacking stuffs is a hacker. It might be you, your friend or even me. Here is a list of hacking techniques used by hackers to hack Orkut accounts.

1. Hacking Orkut Accounts using KeyLoggers

It’s probably the simplest way to hack someone’s Orkut ID even without having much hacking knowledge. Keylogger is a software used to monitor every action on a computer and send the usages data anonymously to a remote server by email.

Suppose you want to hack my Orkut profile. You come to me, use my system and install the keylogger on my computer without my knowledge. Professional hackers can send you a single picture by email, when you download that image on your computer and click on it to view, the keylogger will automatically get installed on your computer in a background process. You won’t even have a 0.01% doubt that something suspicious is going on.

Keyloggers monitor each of your keystrokes. If you type www.orkut.com, it records www.orkut.com in a notepad file. When you enter your username and password on Orkut, it even records them and note them in that notepad file. According to the setting, it will send that notepad file to the hacker by email and you won’t even smell that a email is being sent from your computer without your knowledge. After getting your login informations, hacker changes your password, security question and the answer to it, secondary email address and makes it impossible for you to get back your Orkut account.

Bapun Suggests :

  1. Use up to date antivirus on your system to prevent keylogger attacks.
  2. Check for any Spyware threats on your system here, here, here and here.
  3. Most keyloggers stay hidden. Press Ctrl + Alt + X OR Ctrl + Alt + Windows Key + X to find key loggers.
  4. Download this, this, this or this on your computer and make a whole system scan to locate any spying tools.

2. Hacking Orkut Accounts with Phishing Attacks

Phishing attack is one of the largely used hacking attacks to steal Orkut login informations. Phishing attack is nothing but creating a completely fake Orkut login page and hack user informations. These pages are very much identical with Orkut and a normal user can’t smell any fishy thing in that. Once you provide your login informations there, their PHP script keeps your details and they use those info later to hack your account.

There are several ways of phishing attack. Few of them are :

  • Link Manipulation : Link manipulation is one kind of hacking trick where hackers fool people with identical domain names. By an email or scrap or message, they send you a link. Once you enter your ID and password in those pages, be sure that your profile is gone for ever. That link will be 90% identical with Orkut. Here are few of them.
  • www.okrut.com


0 komentar: