Ethical Hacking How Hackers hack Social Media Accounts

How Hackers hack Social Media Accounts

In this text, I’ll explain each tactic of a malicious hacker in order that you’re going to get an idea of how these hackers can hack social media accounts like Facebook, Instagram, Twitter etc. We will even undergo how to prevent social media accounts from getting hacked.

Thought of the Day : Minimizing the problem might be broken down into three easy things—detect, prevent and remedy and we all know Prevention is best than remedy and Knowledge is all you want to concentrate on such things.

Below are probably the most common attacks hackers use to hack social media accounts:

Man within the Middle Attack

This type of attack happens when a hacker privately steals and alters the communication between the sender and receiver. A user might imagine he’s communicating with a legitimate user, however actually, all of the conversation is passing through hacker, and he probably alters their communication with out their knowledge.

For this purpose, Burp Suite is the commonly used tool by hackers to perform a person within the middle attack. By utilizing this tool, hackers can intercept between the machine and a server, captures the request that’s generated by machine to the server, and alters it by requesting another thing from the server.


Always use antivirus with a firewall that may detect the fake user. Besides, use VPN and Proxy server to access the network.

Phishing Attack

Phishing is probably the most common but only tactic utilized by hackers to fool people and steal their information. In this attack, a hacker will make a fake social media login page that appears legitimate and share it with victims to get login from a fake site. When a victim enters its credentials, it directly redirects to the hacker’s machine. This is the simplest technique because many users can’t differentiate between the true and fake sites’ login pages and get fooled by giving their credentials. This attack requires persistence and wonderful skills for making the victim login out of your duplicate fake page.


Double-check the URL before entering your credentials or any personal information. Moreover, don’t log in through messages and emails.

DNS Spoofing/ Cache Poisoning Attack

DNS Spoofing is a sort of malicious attack whereby a user is forced to navigate to a fake web site page disguised to seem like a legitimate one, divert traffic or steal credentials of the users.

Attackers can poison a DNS cache by manipulating DNS resolver into caching false information, with the result that the resolver sends the incorrect IP address to users, and users attempting to navigate to a web site might be directed to the incorrect place.

Spoofing attacks can go on for an extended period with out being detected and may cause severe security issues.


Learn to administer your DNS server and firewall securely.

Cookie Hijacking

This attack generated by saved cookies out of your browser. When the user login an online account i.e. Facebook or Twitter account, the server returns a session cookie, which is a chunk of data that indicates the user to the server and provides them access to their account. Given that the user’s device holds on to that session token, the server will allow them to make use of the application.

When a user signs out of an application, the server immediately invalidates the session token, and all further access to the account requires the user to submit their login credentials again.

A hacker steals the session token and, with the assistance of this token, access the user’s account. The token might be hijacked by inflicting the user’s device with malware that monitors and steals session data. Another method can be utilized to hijack the session i.e., cross-site scripting attack during which hacker uploads a malicious code right into a webpage that the user frequently visits and forces the user’s computer to send the session cookie data to the server.


Clean your cookies from browsers in every 4-5 days and never use public wifi.


Another most straightforward strategy to hack social media is keylogging. There is a software named “key logger” that’s made by hackers to trace out the pattern of the keys of keyboard typed by the user. After that, it immediately generates a file of that key pattern and sends it to the hacker’s computer through the web. With this method, a hacker can compromise even computer experts because this may be downloaded from anywhere.

Keyloggers might be installed by a social engineering attack when a user clicks on a link or opens an attachment/file from a phishing mail.

Keyloggers may also be installed through the web page script. This is finished by exploiting a vulnerable browser, and the keylogger is launched when the user visits the malicious site.


Always download software from trusted sites only and avoid opening phishing emails.

This article explains how hackers compromise your social media accounts (Facebook, Instagram, Twitter, etc.) and how to prevent these attacks by applying easy security measures. The most common techniques utilized by hackers are discussed above. I hope you at the moment are well aware of those techniques and have learned how to keep your self safe.


Please enter your comment!
Please enter your name here