Digital forensics

Major Ways of Stealing Sensitive Data

October 31, 2017 by Hashim Shaikh


We are all aware that there is an almost endless number of attackers out there whose sole goal is to steal, by any means available, any sensitive data they can get their hands on and misuse it.

There are various methods by which cyber attackers can steal confidential and private information. These include the following:

  1. Packet sniffing – Packet sniffing, also known as packet analysis, captures data as it crosses a computer network. The tools typically used are packet sniffers and protocol analyzers. If you use sites that are served over plain HTTP rather than HTTPS, everything transmitted over the network is in clear text, and it can be sniffed with a tool such as Wireshark.
  2. Keyloggers – One of the most infamous ways of stealing data is through the use of keyloggers. Keyloggers differ from other malicious tools in that they do not pose a threat to the system itself; they are, however, a significant threat to the end user. Once installed on a device, a keylogger records every keystroke typed on the keyboard. These are compiled into a comprehensive log file, which is subsequently sent to the attacker.

    It is important to note that keyloggers let attackers steal data from web browsers and FTP applications, as well as passwords for online gaming accounts, instant messaging apps, and password managers.

    Cybercriminals distribute this malware with the help of phishing (fake) emails that appear to be related to purchase orders, payments, and job descriptions. The phishing emails very often contain an archive file that, in most cases, hides the keylogger code.

  3. Auto-complete – Web browsers have a feature that stores the most recently used internet addresses, form entries, usernames, and passwords. Once a user starts typing, the browser suggests available matches; the feature is called "Auto-complete" or "Remember Passwords" in Firefox. If a browser is configured under "Auto-complete settings/Remember Passwords" to store usernames and passwords, then each time a user logs into a site or application, the browser asks whether it should remember the password. If the user clicked "Yes," whether accidentally or deliberately, an attacker with access to the system can log in with the "remembered" password of the previous user. The browser stores the saved password in clear-text form.
  4. Browser memory leaks – The browser keeps in memory all the requests it has made, all the pages you have visited, and everything you have typed. As a result, the request to the login page, which contains the user's username and password, is also held in memory. The browser's memory can be inspected with memory-reading tools such as WinHex. An attacker with access to the user's still-open browser can therefore recover the password from the browser's memory even after the user has logged out.
  5. Exploiting a system on the LAN – If you run an unpatched UNIX or Windows operating system, an attacker on the same network can scan the network, exploit the vulnerability to obtain remote code execution, and gain access to that system. Once in, he or she can easily read all your files, harvest sensitive data, and obtain administrative access to your system.
  6. Default / weak credentials – If you have configured weak passwords, or you reuse the same password for all your accounts, then beware: you are at a much higher security risk. An attacker who captures one password can use it to gain access to your sensitive information and data.

    You can refer to the article on weak passwords to learn more about them and how to create much stronger passwords.
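The clear-text exposure described under packet sniffing is something a defender can audit for on their own traffic. The following is an added illustration, not code from the original article: it scans constructed web-proxy records (an assumed, simplified format) and reports every form submission that sends a credential-like field over plain http:// rather than https://, redacting the values.

```python
"""Audit constructed proxy-log lines for credentials submitted over plain HTTP.

Added example, not from the original article. The record format below is an
assumed, simplified proxy log:
  <timestamp> <client-ip> <method> <url> <content-type> <body>
"""
import re
from urllib.parse import urlsplit, parse_qs

# Form-field names that commonly carry secrets (assumed list, extend as needed).
CREDENTIAL_FIELDS = re.compile(r"^(pass(word|wd)?|pwd|secret|token|pin)$", re.I)


def find_cleartext_credentials(log_lines):
    """Return one finding per request that sends a credential field over an
    unencrypted (http://) connection. Field values are never included."""
    findings = []
    for line in log_lines:
        parts = line.split(" ", 5)
        if len(parts) < 6:
            continue  # malformed record, skip it
        ts, client, method, url, ctype, body = parts
        if urlsplit(url).scheme.lower() != "http":
            continue  # HTTPS (or other) traffic is not readable by a sniffer
        if ctype != "application/x-www-form-urlencoded":
            continue  # only URL-encoded form posts are parsed here
        fields = parse_qs(body, keep_blank_values=True)
        secret_fields = sorted(k for k in fields if CREDENTIAL_FIELDS.match(k))
        if secret_fields:
            findings.append({
                "time": ts, "client": client, "method": method,
                "host": urlsplit(url).hostname, "fields": secret_fields,
            })
    return findings


# Constructed sample records (not real traffic).
SAMPLE_LOG = [
    "2017-10-31T10:00:01Z 10.0.0.5 POST http://intranet.example/login application/x-www-form-urlencoded user=alice&password=hunter2",
    "2017-10-31T10:00:02Z 10.0.0.5 POST https://bank.example/login application/x-www-form-urlencoded user=alice&password=hunter2",
    "2017-10-31T10:00:03Z 10.0.0.7 GET http://news.example/index.html - -",
    "2017-10-31T10:00:04Z 10.0.0.9 POST http://forum.example/auth application/x-www-form-urlencoded email=bob%40example.com&pwd=s3cret",
]

if __name__ == "__main__":
    for f in find_cleartext_credentials(SAMPLE_LOG):
        print(f"{f['time']} {f['client']} -> {f['host']} sends {f['fields']} in clear text")
```

Only the two plain-HTTP form posts are reported; the HTTPS login and the GET request are skipped.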


Impact:

  1. Once you communicate over unencrypted channels, you run the risk that your credentials and other sensitive data will be sniffed and compromised.
  2. At the company level, sensitive data exposure is a loss for the business and will cost you dearly in the end.
  3. Even with a basic attack such as auto-complete abuse or a browser memory leak, the impact is remarkably high because, in the end, it is your credentials that you lose, and those are very hard to replace.


Countermeasures:

  1. Avoid using websites that don't support HTTPS.
  2. Check the contents and the authenticity of your emails carefully. Keep your antivirus software as up to date as possible.
  3. Avoid using the auto-complete feature in your web browser.
  4. Make sure your browser is completely closed after you are done with a site. Merely logging out isn't enough.
  5. Create a guest account for other people who use your device so that your credentials and sensitive data remain protected. You can also use a password manager that supports PIN codes or biometrics.
  6. Avoid using cyber café Wi-Fi hotspots or public computers to enter the credentials of any of your online accounts.
  7. Take additional care whenever you are doing online banking.
  8. Update your OS, services, and installed software applications on a regular basis.
  9. Always use a strong, unique password for each of your online financial accounts.


Hashim Shaikh

Hashim Shaikh currently works with Aujas Networks. Holding both OSCP and CEH, he likes exploring Kali Linux. His interests include offensive security, exploitation, privilege escalation and learning new things. His blog can be found here: and his LinkedIn Profile here: