From : Pilu safe house (ID:piluwill)

There are two ways to steal numbers in the early days :

The first
: It's a very common way for local machines to breed Trojans , And it's simple , As long as you can have a Trojan , This kind of software is everywhere , A lot , You can find it on any small hacker website , It works in a very simple way !

First of all, it has recording function , The password of can be recorded automatically , When the Trojan horse is planted in your computer , It changes the registry , Run automatically as the system starts , And automatically detects the current computer's progress , Once the Trojan is running , It starts recording keyboard input , Some Trojans will pop up a disguised window and
The login window is the same , When you get the number , Click OK after entering all passwords , It will prompt that the password is incorrect , Close and then pop up the real login box !

Either way , At this time, your password has been sent to the email address of the person who stole it . This phenomenon will not appear in hackers because the data verification methods of the two are different , We don't talk about that here , Generally, the person who needs to steal the number has access to the computer of the stolen object ! For online games , It's generally unrealistic , And it doesn't have much practical value !

The second : The principle of Trojans in remote machines is the same as that in the first way , The only difference is that the person who steals the ID doesn't need to touch the computer of the person who steals it , After understanding the principle of planting Trojans by transferring files , It's easy to steal !

The early tools for stealing numbers were also exhaustive software , It's the tool that has the least practical value at present, from the beginning of constantly combining data to trying out the real password , But it's still dangerous for people with simple passwords .

The first category can be attributed to the theft of keyboard recorder , To put it simply, use a Trojan horse to record the movements you press the keyboard , Record account number and password , Therefore, the most common way to steal numbers , You can use the soft keyboard when you log in , Soft keyboard input mode is generally not recorded by the hacker Trojan , This is a safer way ! That's what hackers are worried about , If the user enters the password with the software disk , Trojans can't record keyboard movements .

So you don't want your account stolen , When you type in your password, a soft keyboard will do it , But for hackers , Is there really no way ? be completely wrong ! Not even polite , It's just a way to hide your ears , Become the ears of the deaf — Set it up .

Let's talk about how the soft keyboard works :

When the user logs in and asks for the password , You can use the mouse to click the key on the soft keyboard to enter the password , The key values on the soft keyboard change randomly , To ensure that the input password is not stolen by the keyboard recording Trojan , The hackers of the Trojan horse are taking advantage of the habits and inertia of some users : Think to use soft keyboard when logging in account window , By clicking the mouse and entering the password, we can ensure the security of the password , The Trojan has been considered !

The security measures for password protection of soft keyboard have also been broken by hackers , After the Trojan is activated , Attempt to obtain the account information entered by the user through the soft keyboard by intercepting the text message sent by the soft keyboard window , So as to break through the password protection technology of soft keyboard .

in fact , More and more people have abandoned the traditional way of keyboard recording , It's a very effective measure , To prevent the memory recorder mode !

I try to explain the problem in popular language , Memory is a piece of hardware , But in terms of function, it is an important space for computers to store all temporary files , Some people think that when I turn off the computer, no one knows what I've done on my computer , Not really , You click the mouse and press the keyboard once , Open a file , All actions are recorded on the computer or in memory
People who understand can find the records of these machine codes by turning on the computer , of course , People who don't understand computers are God's books when they put them in front of you !

Memory record can record all memory changes , At this point : No matter what password you enter , Click No Keyboard , There's no difference . As long as you input , Even with the input pen, the memory recording Trojan will catch the action , To steal the password !

even though , It is recommended to use soft keyboard when logging in , Even if it reduces the possibility of theft . Some people say : So it's impossible to prevent it ?

So let's talk about another security measure : Security card !

According to the hacker's idea, you want to add a security lock to your account , Its randomly generated password feature enables the account thief to master your account and password , You can't log in to this account without a card , It's also a common way for many game companies to keep secrets , But what's the effect ?

Didn't anyone steal it with a security card ? The answer is yes , Absolutely ! Same as soft keyboard , Again, I'm not flattered ! No card, please pay attention to it , With the card, many people are completely unsuspecting and think it's absolutely safe for me , This view is totally wrong !

Speaking of this , Let's talk about another famous hacker software : Grey pigeon !

In short, grey pigeon is a program that can control your computer remotely , Strictly speaking : It can also be regarded as one of the Trojans ! Many people may have used remote assistance , Send out the assistance message and the other party can enter the other party's desktop after receiving it , Control each other's computers !

The principle of grey pigeon is not mentioned here , It's also a remote control function , Of course, this one doesn't need your approval , By the way, Microsoft started system integration ” Remote desktop ” This function can be downloaded , This function is good and bad , This allows the other party to log in to your computer in a different place , Have full operation permission , Do whatever you want !

If your computer doesn't have a password or a simple password, you can imagine what will happen ? Don't say you're at home. How can anyone else know where you are ? Don't ask this naive question ! I'll talk to you slowly when I have time , therefore , Unless there is a real need , Otherwise, please turn off Remote Desktop Services , As for how to close , This is not a computer school , If you are interested, talk to me slowly !

Continue to talk about how the grey pigeon steals the number ? This is not a stolen ship, but a stolen equipment , The other party doesn't need your account password , The account code is for you to log in . Say something simple , This is a typical example on the official website , First, add your friends and say they want to buy your good equipment , Let you show him where nobody is . When you get there, you find that your computer is out of your control ! You finally found out , All your accounts can't log in !

In fact, it's the top land in the hacker field , Talented people emerge in large numbers . The buggers are just the lowest of them , The most unskilled group . But even the lowest group of people , It's amazing for ordinary gamers
People . No matter which game , From production to operation , It's not even online games 8 Top of , Of course, its security can't be compared with hacker's technology . Say that , It's not to give you an excuse and a reason to abuse , On the contrary , Don't get me wrong , I'm also disgusted by the various behaviors of hackers , hate , Like a lot of attacks , They're always thinking of ways to make money .

A lot of people need to steal it every day qq Message for , as follows

I know it's for me to steal the number, so I won't reply , First of all, it's because I don't take orders , Second, I'm too lazy to explain , This post will give you a unified reply .

There are several reasons for me to steal the number

1, see qq space

2, Look at the chat records of girlfriend and others , Suspicious of a split

3, Find the family who left home !

4, Trade secrets

5, personal enemy , Trying to steal his number


Let's talk about it today Several methods of stealing numbers

1,tx database

tx Database leaked , Query password through database

2, Intranet packet capturing

occasionally , The internal network sniffer can also intercept the password , Xiaofeng hasn't been tested qq Of

3, go fishing

Phishing software , Phishing websites, etc , Imitate the official trick user to enter account password and send it to the server .

( Do you have anyone else QQ What have you seen on the space message board “ How can your photos be in other people's space ” Then a website , You click in. It's a fake space page for you to log in , Once logged in , Sorry, your space will automatically send countless ads )

4, social worker

Based on the understanding of users , Get the password combination .

5, Remote control

Remote control online , Keyboard recording .

6, brute force

Generally for weak password , Strong passwords are not easy to crack .

7, Go straight to him

Simple and rough .

8, Account number appeal

One of the means of social workers , We need all kinds of strange ideas to get all kinds of information

9, Camouflage security center mail

( If an email is sent to your security email, please fill in the verification code you just received , Then it must be a fake )


Let's analyze the above situation

If I were to steal someone now qq Number , Let's check the social work library first , But the database was a few years ago , Very low success rate .

Try fishing , Made a fishing software , To the other party , It's a problem if the other side can't take it , Is there any anti-virus software , Don't you want to do a kill free first and then send it to the other side , If the other party doesn't pick you up, you will be confused .

What about fishing websites ? Now the safety awareness of Internet users has been improved , Even adults can't click the link , You want to cheat others ! If you have a brain, look at the links , And many browsers recognize it intelligently .

Remote control , Then the keyboard records ? appoint ip Invasion is harder than landing ! Different computers will encounter various problems .

brute force ? Are you mentally retarded in this way ? You're generating hundreds of millions of passwords , Tencent has a verification code, OK , Take your time to enter the verification code , And I lost too much to log in , Even if you lose right .( Don't trust the Internet qq Cain and Abel , No feasibility )

social worker ? Some people leave little personal information on the Internet , High difficulty


in summary

Easy to steal , Using fishing method to steal the number of nets .

Difficult to steal the number , Stealing the designated number .

For those who want to find hackers to steal their numbers , forget it . You found it , 99% are liars , Say it can be stolen , One billion is a liar .( Tencent is not covered )

summary : No matter what account , Try not to be private , Especially personal user card binding , Hackers are for profit , No interest , Naturally, I'm not interested in you ! Hacker Internet is too deep , Think twice about those who want to step in !