Vaidehi Sachin Interviews Rafay Baloch
Hi Readers I have just been Interviewed by a Popular Indian Editor Vaidehi Sachin. The Interview will be published in Beyond the News Magazine on 1st of September. Vaidehi Sachin is extremly talented and she wants to Interview all the Top Ethical Hackers in the world.
Here are a few excerpts…
Which websites have been hacked by you recently??
I am an Ethical Hacker and use my Information for positive purposes, I don’t Hack websites I just Test them for Vulnerabilities and then Inform the respective owners to fix it before others do a serious Damage.
There was recently news that Vijay Mallya’s website was hacked? How far was it true ?
Yes the Information the 100% true, even I saw the site my self when It was in Defaced State. It was Hacked by Pak Cybet Army with SQL Injection attack. Recent Studies Show that around 90% of the websites get Hacked. This method is really difficult by default for Newbies. How ever there are some online tools through which even a script Kiddie can Hack websites
There are lot of Indian politicians and other bigwigs whose money is lying in Swiss bank accounts ? How do you hack these accounts ?
I haven’t tried and also won’t try because as I told you at the Beginning of the Interview that I use My Information for Positive purposes. The most common Method Hackers use To Hack Swiss Bank accounts is through Phishing or Spoofing. Say the Hackers Target is Paypal account. The Hacker will create a exactly similar page like the original one and use some Social Engineering Techniques To make the victim Login through that page. Once the Victim Logins through the Fake page his will loose his account there.
How can one learn hacking ?
Well Hacking is Not an Art which can be Mastered overnight, it requires Patience, knowledge, skills, creativity, dedication and of course TIME. Every one can Learn Hacking provided that they Learn from Basics and have a good source of Knowledge. There are many scam services and softwares claiming to Hack for you but they purpose is just to steal your money. However there are many good books and other resources availible through which one can become an Ethical Hacker.
Have you heard of Bruce Sterling book "The Hacker Crackdown" where they gave an interview with the head of the New York Police Department? He says hackers are principally not good at creative programming. What do you think about it?
This is can be sometimes true and some time not. How ever it has been observed that most popular hackers were good at creative programming, but still now a days there are such Hacking tools that even a script kiddie can Start Hacking so in this case the statement can be considered true. Personally I think that one cannot be an Elite Hacker without knowledge of programming, which means that he cannot develop his own exploit and will use pre developed exploits.
Is it hard to penetrate into the "closed" computer systems?
Yes it is difficult to penetrate into closed computer systems than open computer systems. Attacks such as NetBIOS Hacking won’t work if the Target is not online.
What hacker achievements could you tell us about?
At the age of 16 I became aware of all almost the Techniques which Hackers use I think a very few people are able to do this at a very young age. I run a blog www.rafayhackingarticles.blogspot.com with over 13000+ Rss readers educating 100000's of people every month to protect their sensitive information from being hacked by Hackers I think this is my biggest Hacker Achievement
I think hacking is probably unsafe, isn't it? There are some appropriate authorities like Cyber Crime Department that fights computer crime, don't they?
Yes the Hacking is probably unsafe; there are lots of laws introduced against Cyber crime. There are lots of Cyber Crime Departments such as FIA, CBI etc that fights against cyber crime. Having Information is about Hacking Techniques is not bad however how you use it matter allot.
Do you think you are a criminal?
Certainly not because I haven’t illegally Hacked or defaced any persons private Data.
Why is the image of a hacker associated with romantics of 21st century for some people, and with crimes and computer piracy for others?
It depends upon your Thinking some think it as part of protection however others think it as the part of breaking in.
Is it true, that hackers break into corporate computer systems and steal the source code to satisfy their curiosity, but later on deny the stories that any hacking has happened into the Indian Security Intelligence sites?
How did people come to know about you and how do multiply your business?
I started a security related website www.rafayhackingarticles.blogspot.com March 2009 in which I talked about some methods Hackers use to penetrate systems and steals your private data and methods to protect them. The search Engines started picking my content and slowly my website became popular day by day because I was providing my readers unique content which was not available anywhere. I don’t make efforts to multiply my business it are the readers that make due to which my business goes viral.
How easy is it to hack a computer? Has security improved much? Have things changed vis a vis what you did years ago?
With the tools available now a days it can be a cakewalk for the Hacker to Hack a comptuer system, However the security has gradually improved past years but still due to lack of awareness among the people related to computer security its damn easy for the Hacker to Hack a computer.
This is just for understanding as to how vulnerable is the common user?
A common user is not aware of Hacker's techniques so he is widely vulnerable
What does social engineering mean in the context of hacking ?
Social engineering is defined as the process of obtaining others passwords or personal information by the act of manipulating people rather than by breaking in or using technical cracking techniques.
How do they use this concept of social engineering ?
There are lots of way through which the Hackers use Social Engineering Below is the example of a social engineering attack Robert (Hacker) calls Michael and pretends to be a Google employee, Here is the conversation
Robert: Hi Michael I am Robert a Google employee
Michael: Oh How are you doing?
Robert: Me fine. I am here to inform you that Google is performing a security update on all Google account and therefore to install those securities updates on your account.
Michael: Yes kindly install those security updates.
Robert: Thanks for your interest in our security updates we will require your password for installing it.
Michael (Victim) has become a victim of social engineering, he will give out his password thinking that the person whom he was chatting was a Google employee.
Note: The Hacker will create an account similar to Googleupdates(at)gmail.com
How would you consider the safety of online banking and credit cards online usage ?
It can be safe sometimes and sometimes not, unless you are not sure about the security of the website dont make use of it. How ever you can use some payment processors like Paypal, Alertpay etc to avoid your credit card number to be exposed.
Do you also use online banking for monetary transactions ?
Yes I use Online Banking for Monetary Transactions.
What achievements in cyber space made you a celebrity overnight in your community ?
My biggest Achivement is my website. Which is the one of the Top Security sites in my Country.
I think you attract a lot of media attention ? How does it feel ?
Yes that’s true. I feel that I deserve it for the work it do. Remember "Sucess never comes by accident"
What are your other hobbies ?
My other hobbies include Playing Piano, Snooker etc
Have you ever been hacked ?
With the Grace of ALLAH I have'nt been Hacked till now
What can you tell us about iPhone hacking ? What is the technology involved ?
There are lots of Spyware softwares such as Mobile spy, Spyware Gold which allow you to Spy on IPhones
What do you see as the future of hacking in the next 5 years?
In the next 5 years Security will improve as well as Hackers. As each day the number of Hackers keep growing and growing so Security experts have to try hard to assure online security
Why is there is no unity in hackers?
This is because all Hackers have EGO and attitude problem, every hacker thinks that he is better than others
Is it true that hackers are always anti nationals?
No this statement is completly False, Even the cyber war between India and Pakistani Hackers started due to love and partriotism to their country
What is the biggest threat to hacker?
I think the Biggest threat to the Hacker is the anti Hacking and cyber crime departments
Can this profession ever be really ethical?
Yes this profession can be Ethical. Ethical Hacker is an accepted Industry Term, but it completly depends upon your use. Hackers are of three kind
White Hat hackers use their information for positive purposes, where as Black hat hackers use their information for Negative purposes and grey hats are in between both of them. so all depends upon how you use the information
Have you ever thought of challenging Bill Gates?
No, Billgates has computer security experts from all over the world, if you think that you know 8/10 there might be some people which know 9/10.
Click Here to Read the Interview Directly on Vaidehi Sachin's Site