Discovering what first-time hackers want to hack

What do wannabe hackers want to hack the most?

Professional cybercriminals are in it for the money. They’ll probably want access your bank account or card info to rob you, but unless you’ve already handed those details over, they will need to work for that information.

First-time hackers could be interested in money as well, but our data shows that it may not be that simple. Targeting social media can provide vectors for financial attacks, but these platforms are much more immediately useful as ways to stalk or harass the victim. They might be interested in stalking their romantic interests, causing trouble for fun, or supporting an ideological agenda. In any case, we noticed a curious trend when investigating what types of targets these beginner hackers are looking for. Google search data tells us that the most popular targets are Meta services – Facebook, Instagram, and WhatsApp.

Now, what can we make of these searches? The queries about hacking Meta services reveal some interesting trends:

• Income: One factor tying the countries generating these queries together is lower GDP relative to the Western countries where many of Meta’s users reside. In the absence of other economic opportunities, some internet users may see cyber crime as a worthwhile endeavor.
• Number of Meta users: Another significant factor is how many Meta users each of these countries has. India has the greatest number of Facebook, Instagram and WhatsApp users, so the high interest in hacking these platforms in India makes sense.
• Expertise: Countries like Russia and China are known for having active hacker communities with high levels of technical expertise, but these countries are absent from this list. The queries we’ve selected reflect an “entry-level” knowledge level. This suggests that the regions showing up in these trends have large communities of beginner or amateur hackers. Could this mean that they are being mentored or inspired by local communities of experienced hackers as well?

People all over the world are looking up these topics, so we know it’s a global issue. But why are these hackers so determined to hack into Meta’s services?

Why are beginner hackers targeting Meta services?

No matter what you’re trying to achieve, hacking into the right Meta service account can probably help you achieve your nefarious ends. Given how much of our lives we spend on Facebook, Instagram, and WhatsApp, they are all goldmines of data. Here are a few things a beginner hacker could hope to achieve:

• Stalking or harassing someone: Facebook stalking is common enough that most countries have laws on the books to address these crimes. According to the Pew Research Center, 75% of online harassment cases happen on social media. Now, most of those probably don’t involve account hacking, but for a determined stalker, this is the next step up.
• Identity theft: Cybercriminals who are in it for the money can stand to gain a lot by using identity theft on our social media. When you send someone you know sensitive information like a PIN code or your card number, you do so because you trust them. But if your account or theirs is compromised, a hacker can abuse that information as well. Even if you don’t share anything sensitive, your account itself can be abused to make a profit. Even the Prime Minister of Pakistan Imran Khan’s Instagram account was once hacked by enterprising scammers.
• Undermining business competition: With online businesses and influencers making thousands or millions of dollars using Meta’s services, hackers have a significant incentive to disrupt their operations. Client information, advertising information, partner contacts–the possibilities are endless for unscrupulous competitors. Plenty of above-board legitimate products promise to hack competitors’ information on social media platforms.
• Political activism: We’ve seen a few real-world cases of political activists hacking into high-profile targets’ social media accounts. Many would sabotage a political opponent by making damaging remarks in their name, blackmailing them, or publishing their private conversations.
• Accessing locked-out accounts: If you lose your keys, you may one day find yourself breaking into your own car or home. It is possible that some of these searches reflect a similar intent, but it isn’t clear how many. After all, most online platforms offer plenty of ways to retrieve your account.
• Just getting started: We want to emphasize that these are not the types of searches that experienced hackers do. It is entirely possible that many of these searches are simply the work of curious and mischievous teenagers. Some of them, however, are bound to turn into real-world attacks.

Do these searches actually work?

Unfortunately, it seems many of these searches can provide real useful information for hackers. In fact, we can even see proof in the top search results. “How to hack Facebook” is an entry-level search done by someone who has little to no idea where to start. But other popular related searches start to include the names of specific tools people use for this purpose, showing that they are performing multiple searches to refine their knowledge before starting their attack.

Here are some of the types of results we found while conducting these searches:

• Blogs and forums: Many of the top search results are popular blogs and forums where anonymous users and authors share tips on how to try to break into other people’s Meta service accounts. Fortunately, some of these results are cautionary in nature. Instead of providing actionable instructions, they provide readers with tips to secure themselves online. However, this is not the case for all of them.
• Tools and services: Some platforms are such popular targets that other hackers create tools or services that beginners can use to help them achieve their malicious goals. Unfortunately, these novices are often targets themselves, as these unregulated services can gather their users’ data and any tools they download are likely to include spyware or malware.
• E-books: Oddly enough, Amazon offers self-published e-books that claim to explain how to hack into the most popular Meta platforms.

We don’t have stats available on which attacks are being used and which aren’t, but we do know from news reports that attacks are hitting both Facebook users and Meta itself. For one thing, Facebook has lost huge amounts of user data to hackers over the last decade. Just in 2021, the data of over 500 million users was stolen in a breach, and massive breach files are available for sale on the dark web.

These hacks were of Facebook or Meta itself, not individual accounts. But these troves of data, usually seized by more experienced hackers, can then enable individual account hacks. The good news is that you can tell if your Facebook account was hacked and recover your account. Here’s a breakdown of some of the attacks we know can be used against Facebook and other Meta services.

How do hackers attack Meta accounts?

Of all the ways to potentially break into a specific Meta account, only a few will be readily available to amateur hackers. However, many more experienced hackers re-sell the data they get from massive server break-ins, and these databases are a good place for amateur hackers to get started.

• Brute-force attack: If an attacker knows the email address for your account but not your password, they can attempt some form of brute-force attack. This type of attack is essentially using an automated tool to try thousands or even millions of passwords in as short a time as possible. If the attacker knows you, they can create a shorter list of educated guesses for the tool to prioritize.
• Data breach abuse: As we mentioned above, tons of leaked Facebook user data are available online. If any of that includes usernames and passwords, then hacking into an account is as easy as buying your account’s credentials.
• Password reset requests: If the attacker gains access to your email account but not your Meta service account, then breaking in is as easy as sending Facebook a password reset request. They can change the password, log in, change the email address, and take complete control of your account.
• Social engineering: Fortunately, most breaches from Meta services do not contain plain-text passwords. However, armed with the mountains of data contained in those leaks, a clever hacker can scam their way into your account. With privileged information, they can convince your friends, relatives, or other services you use that they are you. If they do that, they might defraud your friends, gain information about you, or even gain your account’s credentials.
• Phishing: If all they have is your email, a scammer can still target you with phishing emails. A well-crafted email could fool you into thinking it’s from Instagram. You click, you log in, and the scammer has your credentials. With the right personal info, they can also try you on your phone or social media.

Conclusion

What does all of this data tell us? Beyond specific insights into the platforms being targeted, what we need to understand is:

1. Interest in hacking is high.
2. Interest in hacking is steady.
3. Interest in hacking is global.

Even a beginner hacker can strike from anywhere in the world, and resources instructing them on how to get started are plentiful. In fact, we were surprised and dismayed at how fruitful some of these queries were when we tried them! For the rest of us law-abiding citizens, it’s important to remember that as long as we stay vigilant and prepared with the right tools and skills, we’ll all be much safer for it.

Methodology

NordVPN researchers used a Google search term analysis tool to search terms that include the keyword “hack”. Apart from global trends, search volumes were also checked by country. A total of 2M (1,983,741) searches from 50 countries in both English and local languages were analyzed. Our research took data from September 2021 through August 2022.