|
How do hackers/crackers find gmail passwords nowadays?
by elliotanderson123 - Friday April 12, 2024 at 04:08 AM
|
|
Apr 12, 2024, 04:08 AM
Hi, with all the new security additions on gmail, I was wondering how do gmail account passwords are hacked nowadays if you can not longer try dictionaries or some kind of brute force attack because the gmail site warns the account about a possible password decyphering attack.
I am just trying to update myself in this issue Thanks
Apr 12, 2024, 04:12 AM
(Apr 12, 2024, 04:08 AM)elliotanderson123 Wrote: Hi, with all the new security additions on gmail, I was wondering how do gmail account passwords are hacked nowadays if you can not longer try dictionaries or some kind of brute force attack because the gmail site warns the account about a possible password decyphering attack. Even if you find a valid credential somehow, keylogger, credential stealer etc, there is high chance you will not be able to get inside the likes of gmail because of implementation of MFA, OTP is one way but the fact that most of the time if you are logging in from a new location or IP, gmail automatically asks you to verify your login from your phone, like it sends a prompt. However, on the other hand, if you somehow are able to steal a valid session via cookie hijacking, theoretically it is possible to gain access to the emails then but again, I have not tested that myself, just read about it, so always do your own research.
Apr 12, 2024, 04:43 AM
Yes, I think I agree with you. I understand that there are new implementations that back in the days of Mr. Robot (just to quote some video-graphical sample of how it could be done, even if it is really a make-up) were not yet widely spread nor implemented.
Therefore, I suppose that hackers are limited to data breaches when it comes to getting gmail credentials. Because, the attack vector of loading a file with some kind malware to implant in the windows machine is very, let's say, naive that it would work, right? Antivirus should be not updated for a long long time, and if it is the case, then user many of the times is not that much dumb, so he/she would change the credentials at the very least suspicions. Am I right on these assumptions?
Apr 12, 2024, 05:00 AM
I would not go as far as I assuming that every system you would come across would be fully patched with a working AV/ EDR. It all depends on the target system, you never know you might come across a unpatched Win 7 still vulnerable to Eternal Blue.
Apr 12, 2024, 02:44 PM
People are still getting phished right?
I mean, 2FA on Gmail is fucking dumb, having it so you can have a code sent to ANY number? Riduclous 2FA is only gonna slow humans down
"Universal appeal is poison masquerading as medicine. Horror is not meant to be universal. It's meant to be personal, private, animal"
|
|
« Next Oldest | Next Newest »
|
| Possibly Related Threads… | |||||
| Thread | Author | Replies | Views | Last Post | |
| I'M LOOKING FOR AN INTELX API | 1 | 222 |
Yesterday, 05:16 PM Last Post: orkidd |
||
| Telegram Opsec Guide | 46 | 1,626 |
Apr 26, 2026, 12:43 PM Last Post: 0xdarkdharma |
||
| TOP SECRET FBI HACK BY KOMI | 30 | 1,411 |
Apr 25, 2026, 02:59 PM Last Post: insider100 |
||
| A collection of deepweb sites [2025] | 103 | 2,410 |
Apr 24, 2026, 07:27 PM Last Post: mik3y1243 |
||
| NEW USERS READ - how to avoid malware on the forum | 102 | 12,074 |
Apr 22, 2026, 11:34 PM Last Post: digits |
||
