How to Secure Online Transactions?

Introduction: Nowadays much of our life has moved into digital form. We have gone from handwritten letters to e-mail and chat, from TV to IP-TV, from coins to bitcoins, from messaging to WhatsApp, and so on. So it is no surprise that we now shop online instead of going to the market. This saves time, but there is a high probability that malicious hackers will compromise our personal information. How to protect ourselves is the million-dollar question. Let’s look for the answer.

Make sure there is ‘https://’:

The web address starts with the prefix HTTPS. The “S” is important because it means that an encryption protocol called Secure Sockets Layer (SSL) is being used to connect to a web server. The prefix HTTP (without the “S”) means that encryption isn’t being used, and the transaction is less secure.

A lock icon appears on the right side of the Address bar. Click the lock icon to view the certificate used to encrypt the webpage. The certificate identifies the certification authority that issued it, the dates that it’s valid, and the server you’re communicating with. If something looks wrong in the information, contact the issuer to confirm the certificate’s validity.
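The certificate fields named above (issuer, validity dates, server name) can also be checked with a script. This Python is an added example, not part of the original article; `SAMPLE_CERT` is constructed data in the dict shape that `getpeercert()` returns, and the host names are placeholders.

```python
import socket
import ssl
from datetime import datetime, timezone

# Constructed sample in the dict shape ssl.SSLSocket.getpeercert() returns.
SAMPLE_CERT = {
    "subject": ((("commonName", "shop.example.com"),),),
    "issuer": ((("organizationName", "Example Trust CA"),),
               (("commonName", "Example Trust CA R1"),)),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Apr  1 00:00:00 2024 GMT",
    "subjectAltName": (("DNS", "shop.example.com"), ("DNS", "*.pay.example.com")),
}

def fetch_cert(host, port=443, timeout=5.0):
    """Fetch a live certificate; the default context verifies chain and hostname."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def _field(rdns, key):
    """Find one attribute (e.g. organizationName) in the nested name tuples."""
    return next((v for rdn in rdns for k, v in rdn if k == key), None)

def _utc(cert_time):
    """Convert a certificate time string to an aware UTC datetime."""
    return datetime.fromtimestamp(ssl.cert_time_to_seconds(cert_time), timezone.utc)

def summarize_cert(cert, host, now=None):
    """Report issuer, validity dates, covered names and anything that looks wrong."""
    now = now or datetime.now(timezone.utc)
    start, end = _utc(cert["notBefore"]), _utc(cert["notAfter"])
    names = [v.lower() for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    host = host.lower()
    parent = host.split(".", 1)[1] if "." in host else ""
    covered = host in names or ("*." + parent) in names  # exact or one-label wildcard
    problems = []
    if now < start:
        problems.append("not yet valid")
    if now > end:
        problems.append("expired")
    if not covered:
        problems.append("hostname not covered")
    issuer = cert.get("issuer", ())
    return {"issuer": _field(issuer, "organizationName") or _field(issuer, "commonName"),
            "valid_from": start, "valid_until": end, "names": names, "problems": problems}

if __name__ == "__main__":
    print(summarize_cert(SAMPLE_CERT, "shop.example.com"))
```

For a live site, pass the result of `fetch_cert(host)` to `summarize_cert` in place of the sample.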

Use Private Browsing:

Consider always conducting financial transactions in a private browsing session so your browsing history, passwords, and other private data will not be saved or accessible to anyone who uses the computer after you. Make sure to log out of the website and close all browser windows when you are finished. If possible, do not conduct any financial transactions from a public or shared computer or over a public wireless Internet connection.

Do not “Remember Password”:

When you enter your credentials on a site, your browser will offer a “Remember Password” option. If you click “Remember”, your password is automatically saved in your browser, and anyone can open your account with these saved credentials. So do not save your password in the browser.

Strong Password Recommended:

The password must be 16+ characters long and combine upper-case and lower-case letters, digits and special symbols. It must not be a dictionary word. You can use a pass-phrase rather than a password.

Use Updated Anti Virus Solutions:

Key-logging software can capture your every keystroke remotely, and malicious hackers do this. To protect yourself, use an anti-virus product that updates daily, and scan your system weekly.

Avoid Phishing:

Phishing is a technique for collecting a victim’s password by presenting fake web pages that look almost the same as the real ones. Malicious hackers do this by email. So be very careful when you read any mail or click any link given in a mail.

Use ‘Two Step Verification’:

Use two-step verification if the option is available. With two-step verification, after you enter your correct password, a One Time Password (OTP) is sent to your contact number. It is much more secure.

Do not Use Public WiFi/Open WiFi for Online Transactions:

Malicious hackers can capture your credentials if you are on public/open WiFi. So do not use these networks for online transactions.

Use Your Personal System for Online Transactions:

Do not use someone else’s laptop for online transactions; it may already have been compromised. It is very risky to use a cyber cafe’s system for online transactions.

Follow The Rules:

If you are reading this, you are looking for a way to secure your online transactions. So don’t be a reader only. Please follow these instructions in your daily digital life. Be the change.

Hack a Remote Windows System Using Trojan [Over the Internet]

Disclaimer: This tutorial is only for educational purposes. We are not responsible for any misuse of this tutorial.

Scenario: The victim is using Windows 7 [Firewall enabled, User Access Control (UAC) enabled] and is within a network. The attacker is within a different network. The attacker needs full control of the victim machine to crack Gmail and Facebook.

Requirement:

  1. njRAT -v0.7d
  2. Windows OS
  3. NO-IP and its client
  4. A router that has port forwarding option enabled
  5. Social Engineering

Concept:

  1. A trojan basically has two parts: one is the server and the other is the client. The trojan server must be installed on the victim machine so that the attacker can monitor each and every thing the victim does by using the trojan client.
  2. To build the trojan server we need only the attacker’s IP address. Whenever the trojan server is clicked on the victim machine, it will try to connect back to the attacker’s IP and open a session.
  3. The main problem is that the attacker has an IP address, but it will change because of DHCP. So after restarting the attacker’s router, the attacker will lose the connection from the victim. So we need something which is static. That’s why noip.com comes into the picture. After signing up, the attacker is given a URL [example.ddns.net] by noip.com which is static. Now whenever the attacker starts/restarts the router, he/she has to bind his/her dynamic IP address to that static URL. This can be done by the noip client, a small piece of software that is used for binding the attacker’s IP address to the noip URL.

web interface of noip

noip client login

  4. As we said earlier, the attacker is within a network, which means the attacker’s public IP address is basically his/her router’s IP address. By using noip and its client we can forward the connection from the victim’s IP address to the attacker’s IP address. But how will it be redirected to the attacker’s machine within the network? The answer is port forwarding. Port forwarding can be done within the router’s settings. After port forwarding, the connection will find the attacker’s machine within the attacker’s network and the corresponding port to connect to. That’s how a successful trojan connection is made from the victim machine to the attacker machine.

Steps:

Port Forwarding: For the demonstration we use an MTS WiFi router. The default gateway is 192.168.1.1. We forward the port by logging in at http://192.168.1.1

WiFi Router Web Interface

Port Forwarding

NO-IP Configuration: For demonstration purposes we use testmail4demo@gmail.com to register at noip.com, and we are given a static URL, testmail.ddns.net. Now we configure the noip client with the username, password and that static URL.

noip configuration

noip configuration 2

Create trojan Server: We are using njRAT. njRAT is using port 5552. Follow the picture instructions:

Click on “Start”

Click on “Builder”

Put your noip url over there and click on “Build”

Using social engineering, pass the server to the victim and convince the victim to run it

Session found after the server clicked by the victim

Different functional options

Remote Desktop of Victim

File Manager of Victim

Registry settings of victim

Keystrokes made by the victim [key logger]

Conclusion: If all things work fine, the attacker will find the victim’s system every time, even if the victim changes his/her network or IP address. This procedure is applicable to any Windows version [win 7, 8, 8.1, 10].
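From the defender's side, the connect-back described above leaves two network traces: a DNS lookup for a dynamic-DNS name and an outbound connection on port 5552. The Python below is an added example, not part of the original tutorial, that correlates the two; the log layouts, the 10.0.0.0/8 internal range and every sample line are constructed assumptions.

```python
import ipaddress

DDNS_SUFFIXES = (".ddns.net",)   # suffix of the noip hostname shown on this page
WATCH_PORTS = {5552}             # port this page gives for njRAT
INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed internal address range

# Constructed sample logs; the column layouts are assumptions for this example.
# DNS:  time  client  queried-name  answer-ip
DNS_LOG = """\
2024-03-01T10:00:01Z 10.0.0.23 example.ddns.net 203.0.113.45
2024-03-01T10:00:05Z 10.0.0.40 www.example.org 198.51.100.7
"""
# Connections:  time  source  destination  destination-port
CONN_LOG = """\
2024-03-01T10:00:02Z 10.0.0.23 203.0.113.45 5552
2024-03-01T10:00:06Z 10.0.0.40 198.51.100.7 443
2024-03-01T10:02:00Z 10.0.0.51 192.0.2.99 5552
2024-03-01T10:03:00Z 10.0.0.23 10.0.0.5 5552
"""

def find_callbacks(dns_log, conn_log):
    """Correlate dynamic-DNS lookups with outbound connections from the same host."""
    resolved = {}  # (client, answer ip) -> dynamic-DNS name that client looked up
    for line in dns_log.splitlines():
        _ts, client, name, answer = line.split()
        if name.lower().rstrip(".").endswith(DDNS_SUFFIXES):
            resolved[(client, answer)] = name
    findings = []
    for line in conn_log.splitlines():
        ts, src, dst, port = line.split()
        if ipaddress.ip_address(dst) in INTERNAL:
            continue  # only connections leaving the network are of interest
        name = resolved.get((src, dst))
        port_hit = int(port) in WATCH_PORTS
        if not name and not port_hit:
            continue
        # Both signals together are strong; either one alone needs triage.
        level = "high" if name and port_hit else "medium"
        findings.append({"time": ts, "host": src, "dest": dst, "port": int(port),
                         "ddns_name": name, "level": level})
    return findings

if __name__ == "__main__":
    for finding in find_callbacks(DNS_LOG, CONN_LOG):
        print(finding)
```

A port number alone is a weak signal, so a "medium" finding is a prompt to inspect the named host rather than a verdict.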