How to change wifi password

Why you need to change wi-fi password

In our previous articles as you have seen or not we showed how easy it is to hack a wifi password and any noob can do it by using a tutorial found on internet. This could be happening with you. or it could be like you have told someone your wifi password and now they are using more of your wifi then you and all of your bandwidth is emptied by them every time.
There are many of these reason that i cannot mention right now beacause it will change our topic so let's head to the tutorial.
what i recommand is change wifi password once in two to three days for your own security and safety like i do change my wifi password every third to fourth day. So that no one can access my network and data.
I have created this tutorial for internet surfers like you who have problems with their shitty wifi network. This tutorial is going to solve all your problems related to wifi whether you are geek or noob user if you have problem with your wifi this tutorial will be the solution.
First you need to get into admin pannel.
For that open your browser and type the local address to you wifi admin pannel. There different address to different devices. If you know the address to your admin pannel then thats great. And if you don't then don't panic and try to find it on your router back its usually there. In my case it is 
Yours could be or or anything. If you still don't have it you can search for it on the internet just type your router's company name and router name and for admin pannel address and there you have it. No it will ask you for your admin pannel password.

Its usually admin : admin or admin : password. It could be different because sometimes it is set on the installation of router. Again you can search for default passwords on the internet for your router or try to find it on router's back.
Once you are in you will have access to the everything you need to change your wifi password.

What you can do with wifi admin pannel

You can also change configurable items such as security logins, encryption parameters, WiFi settings, Wifi SSid name, Passwords. There is also some advance settings like opening ports adding application and much more.

How you really gonna change you wifi password

You will need to understand the simple terms in wifi world that might be useful to our tutorial.
  • Your network name can also be known as a Wireless Network Name or SSID.
  • Your WiFi password can also be known as a WPA Pre-Shared Key.
Step 1:
First of all open your browser(software).
Step 2: 
Open admin panel
Step 3: 
Once you are logged into your router, you will need to find the Wireless section of the configuration page.. Go to wifi (wireless) settings. Again it could be different for device to device.

  • If your "Wireless" section has multiple subsections, open the Wireless Security page.

Step 4:
Change the password. Look for the box labeled "Password", "Passphrase" or "Shared Key". You can enter your new password into this box. Some routers will ask that you type the password again to ensure that you entered it correctly.
  • Make sure your password is secure. Never use passwords such as "password," "12345," easily-found dates or names, etc., and never leave your wireless router with no password at all!
  • Try to create a strong password that would be difficult if not impossible to guess. It should not be related to anything personal, and should include a liberal amount of numbers, random cases, and special characters such as "!", "$" and "#".
  • A strong password is usually at least 8 characters long.
Step 5:
Check out your security type. There are three main types of wireless encryption: WEP, WPA, and WPA2. For the most secure network, you should be using WPA2.
You may run into issues connecting older devices, however, in which case you could switch to WPA or WPA/WPA2. Selecting WEP is NOT recommended, as WEP encryption is very easy to break (it can take less than 30 minutes to crack a WEP password).
Step 6:
Change your network name. While you're here, take a moment to change your network name if you have not already.
The name should not include any personally identifiable information, as the name will be publicly broadcast. Changing the name will help deter people from trying to break into it. Routers with default names are seen as easier hacking targets.
Step 7:
Save your settings. Once you are done entering in your new password, click the Apply or Save button. The button's location is different for every router, but is typically located at the top or bottom of the page.
The router will take a few moments to process the change, at which point any devices currently connected would be disconnected.

  • After your settings are changed, you can connect to your wireless network using your new password.

Featured Questions

Q: How can i change wifi password if I don't have a computer?

Ans: You can easily do it with your android device or anyother handset. Just Open any web explorer in your handset and do the things like this tutorial show you to do with pc.

Q: How many times can I change my WiFi password in year?

Ans: Well its upto you. You can technically change your WiFi password as many times as you want in a year. How many times you choose to do it depends on how secure you want your network to be.

If you want to keep it really secure, you might choose to change your password as much as once a week. However, you should also consider convenience when making your decision. Every time you change your password on your router, you'll also have to enter the new password on all the devices that regularly connect to your network.

Q: How can I find my router's password?

Ans: If it has not been changed, it should be on the manual or on the router itself. If it has been changed, and the original/factory password doesn't work, then you need to reset it. You can do this by pressing the small, red reset button on the router. Note that this will reset ALL settings to their default positions.

Q: What is the password of the login admin?

Ans: Try any of the following: admin, changem, or password. Some routers don't require a password, so you could also try leaving it blank. As a last resort, you could check your router; it will most likely have the default admin password written on the back or on the bottom.

Q: I can't open my router's configuration page. What should I do?

Ans: Go to google and then search for "MY IP". Then google will show you an ip address. Copy it and paste it in your browser's url column and press enter. Then it will ask your for a username and password. By default, both are "admin". Type those and you can log in. (You should be connected to the wifi from that router.) Then go to the settings page and look for PRE SHARED KEY. That is the wifi password. Just change it.

Q: What if I have forgotten the password?

Ans: Push the reset button on the router for 30 to 40 seconds and the router will reset to default, then you can use the default password on your router.
Read More

How to hack gmail account

You can use this to test your own accounts security
If you have forgotten your password you can e get it back by this tutorial.
Gmail is one of the largest free and paid mail service provider by google. Gmail is one of the most secure mails service. But you know what "Nothing is secure." And we are going to prove it today.
We have found and discovered some of the working methods to hack gmail accounts by using some tricks and scripts
Let us not waste our time and get to the tutorial.

Hack gmail password

The only way you'll be able to "hack" into someone's account is by stealing their password. If your target has two-factor authentication, you'll need their mobile device as well. There is no other way around two-factor authentication.

Outline of the methods that can be used to hack gmail password

  • Hacking a gmail using wireshark and man in the middle attack
  • Hack someone's gmail account using keylogger
  • Hack a gmail password using browser password manager
  • Hack gmail by creating a Phishing site
First of all we go with the tutorial of using wireshark

Wireshark and MITM attack to hack anyone's gmail account

Wireshark is a network utility used by sysadmins and network manager to analyse the network traffic passing by. Wireshark is mos powerful network analyser tool used for big data networks and more. And this tool is going to help us get into someone's Gmail account. Luckily this is free tool and you can install it on windows mac and as well as in linux which is great for windows and mac users but we are going to use it on linux and most famous hacking os Kali Linux. And for MITM attack we are going to use a tool called ettercap which may be you are already familier with, is an important tool for network security
Step 1:
Fire up Kali Linux.
Step 2:
Open Wireshark You can do that either with terminal or direct open it from the menu(its upto you)
and put it to listening mode on wi-fi or ether-net either of which interface you are on.
Step 3:

Third step includes ettercap. 
open ettercap
Choose your interface.

Step 4:
We are going to use Man in the middle attack

It could be done by spoofing your Ip-address with gateway address.
You can do it by clicking on Mitm section and then spoofing Ip addressses.
Now your Ip-address is the gateway and all the traffic is going through your ip.
you can scan all the traffic with the wireshark.
Now when the user opens gmail site and entered his email and password you will have access to that data.
Step 5:
There is one other thing. Gmail has SSL encryption and you will have to use another script like sslstrip or sslsniff to bypass ssl encryption. There is a module in ettercap for that purpose but it doesnot works sometimes. You have to download and install sslstrip and use it. And you can have the passwords all by your self.

Gmail Hacking using keylogger

A keylogger is a program that logs the keystrokes on the computer it is installed on. There are a variety of keylogger programs available for free or for purchase online, with varying degrees of stealthiness. Be sure to research all of your options carefully. Popular programs include:
  • Actual Keylogger
  • Spyrix Free Keylogger
  • BlackBox Express
  • KidLogger
  • NetBull
  • Lola
Step 1:
Install the keylogger on the target's computer. You also can remotely install a keylogger on someone's computer using metasploit or anyother hack but that method will be for some other day. Today its just you have to install a keylogger by your own power and technique.
Step 2:
Run the program on the computer and it will do the rest for you. You may also need to configure the keylogger if it has multiple functionalities in it.
Step 3:
Let the software run while the victom uses the system. Whatever he types on the system it will be logged into it. and you can have it by doing step 4.
Step 4:
Collect the logs. Some keylogger has the function of sending the logs to the users by email or some other interface but in some cases you have to go get the logs from computer via usb.
Step 5: 
Enjoy the email access to victom's account.

Using browser password manager

Step 1: 
Open the web browser that your target uses on their computer. You must have access to that person's computer. Try this when they're out of the room or you know that you have a few minutes alone.
  • Open a link from an email or a Help menu to launch the default browser.
Step 2:
Open the password manager. The process for accessing the password manager is different depending on the browser you are using.
  • Internet Explorer - Click the Gear button or the Tools menu and select "Internet Options." Click the "Content" tab and then click the "Settings" button in the AutoComplete section. Select "Manage Passwords" from the new window.
  • Chrome - Click the Chrome Menu button (☰) and select "Settings." Click the "Show advanced settings" link and then scroll to the "Passwords and forms" section. Click "Manage passwords."
  • Firefox - Click the Firefox Menu button (☰) and select "Options." Click the "Security" tab and then click "Saved Passwords."
  • Safari - Click the Safari menu and select "Preferences." Click the "Passwords" tab.
Step 3:

Find the password for your target's Google account. Use the search bar in the password manager to search for "google". This is the quickest way to narrow down the list of passwords. Look for the "" entry for the target's Gmail address.
Step 4: 
Try the password. Again if the target has not enabled two-factor authentication, then you should be able to access the account. The target will likely be notified that a login has occurred from an unknown browser.
  • If the target has two-factor authentication activated, then you will need the code that is sent to their mobile device. There is no way around this if it is activated.

Hack gmail by creating a Phishing site

  1. Phishing is a way to capture sensitive information such as usernames, passwords and credit card details.
  2. It usually involves the use of a spoofed Gmail page (or a fake Gmail website) whose look and feel is almost identical to that of the legitimate websites Gmail website.
  3. When the users try to login from this fake Gmail page and enter their password there, the login details are stolen away by the hacker.
  4. However, creating a fake login page for Gmail and taking it online to successfully steal the password is not an easy job.
  5. It demands an in depth technical knowledge of HTML and scripting languages like PHP, JSP etc. In addition to that, carrying out a phishing attack is a serious criminal offence. So, unless you’re a pro hacker I only recommend using the keyloggers to hack Gmail password.

Some Questions and Answers

How do I recover my Gmail password?

Go to the 'I've Lost my Password' option and follow the process outlined there to recover it.

My email has been hacked. How can i get it back if they changed the phone number and recovery email?

You can recover back your account. Go to the or >> need a help ?>> I don't know my password >> enter your your gmail address >> fill type box message >> last you remember password >> enter you have been hacked before your password. Sometimes the Google sever will accept your old password but if the hacker set off the 2 step verification security process, you need your personal information and your account data to reset it all.

Can someone hack my email just by knowing my email address?

No, sharing emails is just like sharing a telephone number. The worst they can do is annoy you with spam messages.

I've forgotten my password for my main email and my recovery email. What can I do?

You can try using this account recovery form, but if you don't have other recovery methods set up, it's unlikely to work.

I don't know my Gmail password. How do I hack into it?

If you are simply looking to get back into your own Gmail account, click on "Forgot my password" and answer the security questions. This is easier than hacking into the account.

My gmail account has been hacked, how do I get it back?

Visit your security settings if you can still log in. If you can't, visit the account recovery page.

How do I get my Gmail account back if it has been hacked?

You should contact Google and explain the situation. They may be able to help you recover your account.

How can I get my Gmail account back if someone hacked into it and changed all of the information?

Just click on the forgot password option and enter your personal mobile number for verification. Enter the otp and get access into your account.

How can I hack into the school bully's email account without downloading anything?

You shouldn't. Hacking is illegal when done on public networks. If someone is bullying you, tell your teacher, or someone else who can do something about it.

At The End

If you have further questions ask us in the comments section we will add them in the article with answers.
Read More

How to hack instagram account

Instagram Facebook Twitter Pinterest overall are actually pretty safe however as long as we have passwords there are people out there who try to guess them or use programs to gain access to your account. If they get the password able to get into your account. Take the right measures. Easily hack instagram accounts of anyone without the use of any suspicious software. Everyday thousands of accounts are being hacked this includes Instagram – one of the biggest social media websites worldwide with over 100+ million registered users and gaining millions of page views everyday!
This tutorial is only for education purpose and any of us would not be responsible for anything that is done illegal due to this article

Why would you want to hack instagram?

Do you suspect your spouse of cheating, are you being overly paranoid or seeing signs of infidelity…Then he sure is cheating. It really can be very useful for so many different types of people. Whilst you might associate this type of service with hackers and people that are up to no good that isn’t always the case. In fact, after carrying out extensive research during the stage where we were providing this information to users on request we found that around 75% of contact requests came from users who had either been locked out of their own Instagram accounts by accident or from those who hack already had their Instagram accounts hacked by other people and were simply trying to get them back.
Other reasons why you might want an Instagram password hack include:
  • To gain your own account back after becoming locked out
  • To retrieve an account belonging to you that has been previously hacked in to
  • To play a prank on one of your friends
  • To steal an Instagram account from a competitor
  • To take control of a dormant Instagram account that a significance to you

By hacking into their facebook account

Yeah! you have read it right. You know many of instagram accounts are linked to the facebook accounts and people use facebook to get access to their instagram account. Moreover many of the instagram accounts are created based on facebook api. So it could be the way to get access too instagram account. Now you can ask me that how you will be able to hack into facebook account. That's simple follow our tutorial of facebook hacking and get your hands on to the instagram account.
Really this could be it for you if you just want access to someone's instagram profile or wanna see some private photos of them. But if you want the password of their account or do any kind of prank on your friend by changing their password then thats not your way to go. Their are other methods to for instagram password hacking which you will read later in this tutorial.
How you will get access to instagram via facebook?
That's easy just hack facebook account and then login via facebook.

Almighty Phishing

Phishing is a type of social engineering and as most of the social engineering techinques. Phishing is a very deceptive way to get around critical infromation. Information could be any govermental document or it could be anyone's facebook password. As quoted
Social engineering has become about 75% of an average hacker's toolkit, and for the most successful hackers, it reaches 90% or more.
Humans are really the weekest link to the security networks. We do think we know everything and we cannot be decepted by anyone. and yet we make mistakes. You know every big hacking attack in the history of hacking and technology was due to human errors and mistakes and not by any security system.
As we have learned about phishing on facebook password hacking tutorial. Phishing is the way to get a clone of orignal website and redirect the user their. One can access to the instagram password that easily.
With the Email ID known, a Hacker can create a Phishing Site and send the victim that makes the victim accidentally give away his / her account info such as Username and Password even with the latest 2-Step verification enabled.

Keylogger can really hack

Another known method is to insert a keylogger that captures everything you type (including backspaces) and sends them to the attacker. You have learned about keyloggers in our previoud tutorials. You can use that knowledge to get around keyloggers.
Its really that easy keyloggers works like charm and maybe the most easiest way to get access to any kind of passwords and usernames. You can use keyloggers for gmail password hacking, facebook hacking or anyother social media service you want it will get you results. Their are many good keyloggers (free and paid) softwares. But if you are buying a keylogger first do the full research.

Session hijacking is the way to go

Another method is to hijack your session using cookies (also known as Session Hijacking) if the attacker is connected to your Network. If the victom/target is within your network then you can easily hijack his session. you can do that by sniffing through his/her traffic and filtering out the results for instagram. Really that works.
Install wireshark. then install cookie cadger. and then perform a Mitm attack or decept his/her traffic. By following the exact same steps you can easily get access to the cookies. You can use this cookies to login into his/her account. The step by step process is described in our previous posts for session hijacking.

Password managers can be tricky sometimes

As we have used password manager in the facebook hacking article. You can follow the exact same steps to hack an instagram account.
Open the password manager. In most cases, this will be password-protected. If you know the password, you can easily view and apply any saved passwords to their appropriate services.
  • If you don't know the password, you'll have to rely on autofill data for the website or program you're attempting to log into.
Try entering an account's username. If the account you're trying to access has a saved password associated with it in your selected browser (or program), it may automatically enter the password for you once the username is entered.
  • Google Chrome and Mozilla Firefox both do this if the user has the cookies and autofill features enabled.
  • If the account holder's computer is a Mac and you have their Keychain password, you may be able to use Keychain to access their stored passwords by navigating to Keychain Access (it should be in the Mac's Utilities folder), opening the "Passwords" tab on the left side of the screen, and selecting the pertinent password. After entering your Keychain password, you'll have the option to display the password in plain text.

Hacking Thier Machine

This could be your last resort for instagram password hacking. Now a days computers and mobiles are not that secure.
You can say that as they were ever secured. I know they were also not secure before but no one knows how to exploit them and now a days litterly every tech website is teaching the ways to hack a computer or mobile. Even youtube is full of that stuff. Now if you have access to their pc or mobile you could easily access to password managers and stuff.

At the End

This will be the end to the article. We will try to update the article to new information. Let me know what you think about this in the comment section below.
Read More

How to hack whatsapp account

Nothing in this world is unhackable, encryption are just mathematical equation that is hard but not impossible to solve without knowing a factor. If you really want to hack or spy on anyone's WhatsApp this tutorial is for you.

Some of Possibilities

Since WhatsApp has become one of the popular app to share messages and media instantly, it has also become a favorite place for many to engage in illicit activities. Therefore, in order to investigate the truth people are left with no choice other than to hack WhatsApp account. Most of the smartphone users such as for iPhone, BlackBerry, Android, Windows Phone, and Nokia are fascinated towards WhatsApp messenger as it provides innovative and amazing features.
People have many queries for "how to hack whatsapp account", "is it possible to hack whatsapp", "how to hack whatsapp chat". Well today is your lucky day and you have found the tutorial. This will surely help find your goal and you will be able to hack whatsapp massages.

Mac Spoofing to hack into someone's whatsapp account

There is a method to hack WhatsApp known as Mac address spoofing which involves spoofing the Mac address of the target phone on your own phone.
To spoof the Mac of the target phone, follow the below-mentioned steps:
  1. Find out the Mac address of the target phone on which you need to hack WhatsApp account:
  • Android – Settings —> About Device —> Status—> Wi-Fi MAC address
  • iPhone – Settings—> General —> About —> Wi-Fi address
  • Windows Phone : Settings >> About >> More info >> MAC Address.
  • BlackBerry : Options >> Device >> Device and Status Info >> WLAN MAC
  1. Once you have the Mac address of the target Whatsapp phone, you have completed the half way.
  2. Next, install WhatsApp on your phone and enter target phone number and verify it
  3. Now, you have an exact replica of the target WhatsApp account and you should receive all the conversation and updates on your phone as well.
This method of WhatsApp hacking is quite time-consuming and is known to have less success rate.Let’s get into the details of the mac spoofing method to hack Whatsapp.

What is a MAC address

A MAC address is a 12-character unique identifier assigned to the network adapter of your WiFi device. A MAC address can be used to uniquely identify the smartphone on the Internet or the local network.
If you want your target to be hacked, you need to find the MAC address of their account.
Follow below steps to get WhatsApp hack.
Step 1: Uninstall Whatsapp from your device
Get the mobile phone of the victim that you desire to access. Though it is the little bit rugged, try to acquire the mobile phone of the victim.The victim’s mobile phone will be essential at two variant steps throughout the hacking process.Initially, you must uninstall Whatsapp from your device.
Step 2: Acquire the smartphone of the target (victim) that you wish to Hack
Step 3: Locate the MAC  Address from the Target’s Phone
A MAC address varies from one device to other. So, find the platform of the smartphone that is used by the victim.A MAC address consists of six pairs of digits that are separated by colons. For Example, it looks like (01:53:35:47:78: CB).
You can check the mac address of the different type of devices at the locations specified above in the mac spoofing overview.
Step 4:
Alter your MAC address similar to the victim’s MAC address
Spoofing the MAC address allows your mobile device look similar as victim’s device.By spoofing, there is an advantage of letting you persuade Whatsapp that you are logging into our own account.But, truly you are trying to log in into the victim’s Whatsapp account.

Mac spoofing apps that can change the mac address

  1. Iphone users can use MacDaddy X or WifiSpoof app to change their MAC address.
  2. Android users must have busy box installed in their system to spoof the mac address.
Busybox is the necessary component for the spoofing of mac address.if you have busy box installed then you need certain apps that can be used to spoof the mac address of your device some apps works only with certain architectures so don’t get upset if some apps did not work for your device try other apps found on google play store.I am going to list down some of the apps that worked for me and may work for you.
The first app is terminal emulator install it from play store and go with the below process
  • In the terminal, type “IP link show” and you can view a list of interfaces.
  • Identify the one that has your MAC address.
Assume we’ll use the eth0 interface. In the terminal emulator, enter
IP link set eth0 address XX:XX:XX:XX:XX:XX
IP link set eth0 broadcast XX:XX:XX:XX:XX:XX
where eth0 is the interface you identified and XX:XX:XX:XX:XX:XX is your target’s MAC address. In order to verify that you’ve changed your MAC address successfully, enter
ip link show eth0
Other Apps that can help to spoof mac address are given in the list below
Step 5: 

Now configure WhatsApp with target phone number
After installing and configuring Whatsapp account on your device, you access the victim’s WhatsApp account.Enter the victim’s phone number so as to set up WhatsApp rather than your own.This allows you to receive and send messages from the victim’s account.
Step 6:
Attain Confirmation Code from the victim’s mobile phone
During the WhatsApp configuration process, a confirmation code will be sent to the victim’s phone number.Access the victim’s phone for the last time to acquire that verification code.Enter it into WhatsApp that is on your phone.
Finally, you have successfully hacked the Whatsapp account of your target with mac spoofing method.If you don’t wish the victim to detect about your spoofing, make sure to delete the confirmation code from their device.

Install a Spying app on victims mobile

The easiest way of spying WhatsApp messages is to use a spy software program. In the current marketing trend, there are bounteous companies that are promoting WhatsApp spy programs. In spite of many companies, we must choose genuine spy apps that are trustworthy. One of the best software to spy on WhatsApp is mySpy which is well-known for its quality and it is one of the top-notch features. You will have to download and install the mySpy app onto the victim’s phone on which you want to access and monitor the WhatsApp messages. Make sure that you can keep the victim’s phone with you for few minutes.
Step 1: Get permission to monitor victim’s phone

The spy apps that you use are very much essential and intended for the employees, parents, government officials in order to access or monitor the activities of subordinates, children and other . Before proceeding, make sure that the victim gives permission to access and monitor their mobile.
step 2: Select apt SPY program or app

Various spy apps or programs are offered by various app providers. Study and analyze in order to find the best spy program that best suits your mobile device. You need to consider the following factors to select a genuine app.
  • Purpose of the app
  • Efficiency of the app
  • Whether it hides spy activity undetected from the victim
mySpy and Spymaster Pro are very good apps or programs that can be used to access other’s WhatsApp account.
Step 3: Purchase and install best spy program
  • Buy a genuine app and install the app by following the on-screen instructions.
  • This app must be installed on your phone as well as the victim’s phone.
Step 4: Configure the app and initiate tracking

  • Follow the instructions so as to install the app and make sure that you complete all the settings properly so as to start the hacking process.
  • Now, you can receive all the conversation on the victim’s account. Successfully, you’ve accessed the WhatsApp account of your friend or beloved ones.

At the End

Here it ends. You can Hack anyone's whatsapp account with this tutorial. Let me know if it's helpful or not in the comment section below
Read More

How to hack facebook account

For hacking a facebook account an attackers does not neccesarily target facebook website.  It is illegal to perform hacking activities without their conscent or permission.
Instead of trying to hack a company which spend millions on its security and infrastructure, compromising a victim's computer system is a low hanging fruit. Once the attacker setup keylogger and backdoor on victim's system, all user activities and accounts including email, social networks, banking, etc can be stolen.
All the hacking groups who hacked twitter and facebook accounts of major companies didn't hack into their networks. They targeted the employees of those companies and got lucky in compromising the right user who had passwords for those social networks stored in their system.
Attacker goes for users as humans are weekest link to security they can be easily compromised unless they know the hacking tactics themselves.
You won’t be vulnerable to hacking if you understand how hacking works

Why You should learn to hack

There are tons of reasons that why you should learn to hack. As above quote stated you will not be vulnerable to facebook hacking tactics used by hackers if you know those tactics too.. If you know how a predator prey on his victims then you would probably save yourself.
These are some of the scenarios you could face in the real world

It is really not a hack

  1. You forget to log out of Facebook from a public computer, or you forget to lock the computer screen at work or at home, and someone else besides you, go to that computer and write on your Facebook wall that you've been "hacked". This has nothing to do with hacking at all (it is related to "red teaming" though, except during this type of exercise, getting access to Facebook accounts is not the target and never will be), but it is probably the most commonly seen "hack". This poses no threat to you, except embarrassment in some cases.
  2. A friend who knows your password, logs into your account and writes on your Facebook wall that you've been "hacked". The password was obtained by asking you for it (beginner level of social engineering, except that this case is not really social engineering if you give up the password when asked for it directly), seeing you type it in (shoulder-surfing), or simply guessing what it is (online brute-forcing). This has very little to do with hacking and poses no threat to you, except embarrassment in some cases. In case this happens, reset/recover your password. This is the most common scenario where Facebook accounts are "compromised", but not really compromised.

How facebook account can be compromised

  1. You receive an email from a non-targeted mass-phishing campaign that prompts you to log into Facebook, or reset your password. This attack is likely to occur, but can be prevented by not falling for phishing tricks;
  2. You use an app on Facebook that compromises your computer. Similar to malvertising. There is close to no protection against this attack, except not using phony looking apps on Facebook. However, your computer could also be compromised through other websites you browse. In cases of malvertising, the attackers are rarely interested in your Facebook account. They would much rather have access to: passport photos (identity theft), bank accounts, processing power (bitcoins), and network resources (other computers to compromise, or to perform DDoS attacks);
  3. You live in a country that performs heavy monitoring on its citizens. In this case, the mobile phone you buy has likely pre-installed government malware on it. The Internet connections are likely monitored as well. There's nothing you can do without educating yourself about computers.
  4. You "root" your mobile phone. This disables almost all safety/security controls making it easier for your mobile phone to get compromised.
  5. An attacker looks at your profile and looks at all the public data that is exposed to anyone on the Internet. Based on this data, the attacker attempts to recover/reset your password, or even guess it. People tend to use very simple passwords. It's unlikely someone will attempt to hack you this way, unless you control a very popular Facebook page or group with at least 10,000, 100,000 or 1,000,000 subscribers/fans;
  6. An attacker befriends you on Facebook, for heterosexual males this could be a "hot" female, and vice versa. The attacker is able to obtain more information as your friend, in case your privacy settings are more strict for "non-friends".

Why would hacker not want to hack your account

Attackers will generally not be interested in hacking your Facebook account at all (seriously, hackers don't see any value whatsoever in your Facebook account) unless:
  1. You're a well-known celebrity;
  2. You control a Facebook page or group with +100,000 fans/members, preferably 1  to 10 million;
  3. You have an important role in a large company, where you have access to financial transaction data. In case you do have such a role, don't worry as common sense, will likely never get you hacked by the common tricks they use. In case they do compromise your identity including your Facebook account, you will likely not notice.
There are probably a lot more scenarios, but unfortunately I don't have the time to come up with all of them. If you're going to relay this information elsewhere, keep in mind that you need to relay the exact wording or it will otherwise not make sense.

But, your facebook account can be compromised

May or may not an attacker target your facebook account but your account can be compromised in many ways (i.e. by multiple methods) and it does not take a master hacker to hack it any noob can do. but there's no reason to worry as the adversaries (i.e. unethical hackers) are likely more interested in everything else besides your Facebook account. Let's get to the tutorial.

Reality of online facebook hacker

To the best of my knowledge there is no such tool, you won’t find it anywhere and yeah if you google it, you would find many websites claim that they are providing free hack tool either online or offline but you cannot download it without completing a survey. Even after completing a survey you won’t get anything in the end. These things are posted only in the intention of making money. Don’t waste your precious time in searching such hack tool. If you want to know how hackers could hack someone’s Facebook account, please go ahead and read the techniques listed below.

Phishing a facebook account is like real world fishing

Phishing is still the most popular attack vector used for hacking Facebook accounts. There are variety methods to carry out phishing attack. In a simple phishing attacks a hacker creates a fake log in page which exactly looks like the real Facebook page and then asks the victim to log in. Once the victim log in through the fake page the, the victims "Email Address" and "Password" is stored in to a text file, and the hacker then downloads the text file and gets his hands on the victims credentials.

How phishing works?

In simple words, Phishing is a process of creating a duplicate copy of a reputed website’s page in the intention of stealing user’s password or other sensitive information like credit card details. In our topic, Creating a page which perfectly looks like Facebook login page but in a different URL like or or any URL which pretends to be legit. When a user lands on such a page, he/she might think that is real Facebook login page and asking them to provide their username and password. So the people who do not find phishing page suspicious might enter their username, password and the password information would be sent to the Facebook hacker who created the phishing page, simultaneously the victim would get redirected to original FB page.

Keyloggers are really dangerous malware

The second, and probably most common, is via a keylogger. This is malware placed on the victims computer that records keystrokes and then ideally, sends it back to you. If you have access to the target computer you can manually do it, if not, you will have to find a way to get them to (unknowingly of course) open the keylogger.

Malicious Browser Extensions

This method doesn’t let the hacker / attacker give complete access to your Facebook account but gives some power to control your account indirectly. I’ve seen multiple Google Chrome and Firefox add-ons which hiddenly perform actions like following a person, liking a page on behalf of your Facebook profile.
When you visit some malicious websites or web pages, you will be prompted to install a browser add-on. Once you install the addon, it would perform all the tasks described by hacker or attacker who created it. Most actions are posting status updates on your wall, liking a Facebook page, following a person, adding you to some Facebook groups, inviting your friends to like a page or join a Facebook group etc. You may not know these things happening in your Facebook account except when you check your Facebook activity log periodically.
You can monitor your activities using a Facebook feature called Activity Log. You should not trust any third party websites prompting you to add a browser extension. Install add-ons only if you trust the publisher. Why should you take a risk if you don’t know the publisher or intention of the addon? Stay from those malicious browser extensions.

Malicious facebook apps

All the apps you use in Facebook are owned by the third party and not by Facebook. Of course, there are few exceptions like Instagram. A malicious application which is requesting your permission could do almost all kind of stuff on your Facebook profile.
Whenever you find Login using a Facebook option on any website, you should come to know that it is a third party Facebook application not owned by Facebook. When you click Login using Facebook, you will be shown a permission dialog box with the requested permission details. Once you click okay button, the requested details can be accessed from Facebook or the requested actions can be performed in your Facebook account.

Permissions asked by facebook apps can lead to total hack

They can ask these permissions which is in other words a total control of facebook account
  • Post photos and status update
  • Share link to your timeline or to any group you belong
  • Manage your page
  • Post on behalf of you on the Facebook pages you own
  • Access your personal information
  • Access your photos including “Only me” privacy photos, sometimes they can access your mobile photos using a Facebook vulnerability
These are just examples of what could be done. What if the application you are using is malicious? It could spam your Facebook account with the bunch of worthless content.
You should always be aware of what permissions you give to a Facebook application even though Facebook is reviewing application’s permission requests. Don’t give permission to an application if you don’t trust the website or application.
You can edit the information you give to an application in the permission dialog box (snapshot given above). Also, you can review the applications that have access to your Facebook account here.

SS7 is the most dangerous hacking attack ever

Researchers have proven just that by taking control of a Facebook account with only a phone number and some hacking skills to exploit the SS7 network, a core piece of telecoms infrastructure shown to be vulnerable repeatedly over the last half decade.
The hackers exploit a flaw in the SS7 protocol for hacking Facebook accounts just by knowing a victim’s phone number. The technique allows bypassing any security measure implemented by the giant of the social networks.
SS7 is a set of protocols used in telecommunications ever since the late 1970s, enabling smooth transportation of data without any breaches.The attack method devised by the experts from Positive Technologies works against any service that relies on SMS to verify the user accounts, including Gmail and Twitter,telegram and WhatsApp.

In the case of facebook

The attacker first needs to follow the “Forgot account?” procedure by clicking on a link present in the Facebook homepage. At this point, when asked for a phone number or email address belonging to the target account, the hacker needs to provide the legitimate phone number.
At this point, the attacker can exploit the flaw in the SS7 to hijack the SMS containing a one-time passcode (OTP) that is used to log in the target’s Facebook account.
Hacking a Facebook account ais possible only if users have registered a phone number and have authorized Facebook Texts.
Read More