How to hack and not to get caught

One of the most common doubts in beginners is “How do I hack and not get caught?”.

In this entry I’ll show you a few anonymity techniques which could be used when performing an attack. Remember: You won’t be completely anonymous, there’ll be breaches and you’ll leave a fingerprint, the most important is not to be anonymous itself but being anonymous and spoofing every proof that could be related to you, so if you are trapped there will be none or a few proofs that you were the person who performed an attack.

Disclaimer: If you decided to be a black hat hacker, remember that you took that decision alone, be sure to think a lot about that and don’t forget that every person is responsible for its fate. Every good or bad thing that happened, is happening or will happen to you, no one but you is responsible, no gods nor devils in the middle.

How is this going to be performed? Down below will be a list, with all of the tips. I am still kind of new to the “black hat world”, so if I’m missing something, you can add it to the Learning github repository. If are new too, DON NOT attach unauthorised targets under any circumstance, host your own webpage or fire up a virtual machine, exploit it and take a look at the logs, then try to locate yourself, by doing that you’ll learn how both parts look like.

Non-technical tips

What are the “non-technical” tips? Basically the steps that are completely up to you as human:

  1. Don’t tell anyone you hacked something, if it’s possible don’t tell anyone you are a hacker. Be paranoid, don’t trust no one. Nobody is going to jail for you.
  2. If you gained access and have messed around with things inside the compromised system, delete that could prove you were in there.
  3. Don’t develop habits. If you logged in today, don’t do it tomorrow. If you accessed the target’s device once at 8:00 AM, do it next time at 4:37 PM. If they are waiting an attack at 8:00 AM and you do it, you’d get in troubles.
  4. Don’t do black hat things at home. Do it at a library or at a free-wifi place. This way the traffic will be blended in with genuinely traffic.
  5. Work during the day.
  6. Proxy all traffic.
  7. Try not to perform a big-mass lost. This will set the system adming to trace you up no matter what.
  8. Use disposable email accounts, temporary storage of data, SMS receiver, etc.
  9. Try to have as much of your attack off of hard drives, and other permanent storage media. if you can’t have it all in RAM (as many *nix distros allows), try to have it in easy-to-break devices, such as SD sticks.
  10. If you are performing your attack at a public place, be aware of cameras or people taking pictures around you.
  11. If you are detained, admit nothing. The less you speak, the less chaces you going to jail.
  12. Never log in to facebook, twitter, gmail or any other social network when hacking.
  13. Never share your real information on internet. Everybody could be a police agent or the server could get hacked and your information leaked.

Technical tips

  1. Spoof your MAC and IP adddress, before, during and after the hack.
  2. Use Whonix, Tails-like virtual machines or proxychains. Remember: Proxy all traffic.
  3. Hack someone else’s computer, install a backdoor and hack from there.

Sarah

Hi! I am Sarah, I am a programmer and grey hat hacktivist, I support and work under the free software philosophy. I like to learn things and help others to increase their knowledge, I am not either a teacher or a professional, I simply like the knowledge and want to spread it.

Categories