In our third episode of How Do Hackers Do Things, GraVoc Security Consultant, Josh Jenkins, shows you how hackers can make a copy of a website and clone it for their own malicious purposes. During this video, Josh will show you how hackers are cloning websites using HTTrack, a freely available tool on the Internet that allows anyone to make a perfect or near perfect copy of your website. This type of activity could allow a malicious actor to copy your website and leverage that copy in a phishing campaign.
For this example, Josh demonstrates how hackers can clone any website by using two freely available downloads for the Kali Linux distribution. The first tool is HTTrack, which will allow Josh to clone a website and the second is simple python HTTP server, which will allow Josh to present that website on an DigitalOcean instance. Watch in the video above how Josh uses a combination of these tools to make a copy of the website example.com.
What does all this mean? A malicious hacker could potentially clone and steal your website and lend creditability to any number of campaigns whether thats phishing, harvesting credentials, or any other malicious activity that is targeted at your company. There are many ways to prevent hackers from cloning your website such as monitoring and knowing what your vulnerability exposure level looks like. If your business is looking to prevent and mitigate these types of attacks, check out our Information Security Services below:
How Do Hackers Do Things Series
If you enjoyed this video, make sure to check out our other How Do Hackers Do things videos for more great security videos and tips! How Do Hackers Do Things focuses on different methods of hacking that cybercriminals use to exploit their victims. Our goal is bring awareness to the vulnerabilities and hacking methods that surround our everyday lives!
Every business should have a system in place for Password Management. In this article, we examine why passwords are a top target for cybercriminals and what your business can be doing to protect and manage your passwords.
Join us virtually on Thursday, September 9th, 2021 from 4:00pm-5:30pm for an overview of how you can protect your business from ransomware & other cybersecurity threats.
In this article, we explore what Personally Identifiable Information (PII) is and why individuals and organizations need to ensure the security of this sensitive data.