Section 1. Introduction

Today, with more than 1 billion active users worldwide, YouTube holds supremacy over other Web 2.0 applications and dominates in the field of online video streaming. Started in 2004 as a video-sharing website, within a year of its existence YouTube was purchased by Google and became a mediascape dedicated not only to video sharing, but also to social networking.

An immense volume of YouTube’s digital archive, which is expanded with 300 hours of video per minute, made the website an important platform for knowledge distribution. YouTube is used by hackers as a supplement to other sources of knowledge related to hacking, e.g., books, forums, and educative websites. The hacking-related videos on YouTube contain instructions on hacking basics (e.g., “Introduction to Hacking” and “Complete Free Hacking Course”) as well as more sophisticated specific hacking tutorials.

Thousands of hacking tutorials posted on YouTube cause controversy among YouTube users. On the one hand, the tutorials provide knowledge about hacking and raise cyber-security awareness. On the other hand, such tutorials threat people’s security and educate potential black hat hackers.

This article will briefly discuss the seven most popular types of hacking tutorials uploaded on YouTube, namely, hacking tutorials explaining how to access: live cameras (Section 2); cellphones (Section 3); computers (Section 4); Facebook accounts (Section 5); Wi-Fi passwords (Section 6); websites (Section 7); online banks and ATM machines (Section 8). In Section 9, a conclusion is drawn.

Section 2. Live Cam Hacking

The search with keywords “how to hack cameras” gives at least eight pages of relevant videos instructing how to hack various types of cameras and see live feeds from bedrooms, offices, and security systems. The methods featured on YouTube by hackers include, but are not limited to, inserting malicious code, using the website shodanhq.com, searching the platform Angry IP Scanner, and employing Metasploit framework. The viewers are taught how to access various cameras and “slave” devices for viewing, recording, and manipulating the accessed footage. Moreover, such tutorials show how to intrude people’s privacy and frighten them by producing various sounds (speaking, singing, screaming, etc.) through the hacked camera.

The most widely featured type of camera hacking is employing a popular type of malware, namely, a remote access trojan (RAT). Videos related to RAT not only demonstrate tutorials and provide useful links for hacking, but also feature the result of the performed hacks. The videos under the title “cam trolling” show reactions of confused people who were hacked and filmed in their habitats. For example, a YouTube account called Sausarge posted more than 45 “cam trolling” videos featuring reactions of confused people hearing sounds from cameras in their bedrooms, kitchens, and offices. The account has more than 3.000 subscribers.

There exists an entire subculture of ratters who attempt to capture footage of attractive women. The recorded intimate footage later can be used for blackmailing the victims and threatening to publish their videos online. Various media channels have widely discussed a case of C.W., a California teen whose camera was hacked by a ratter. The hacker has accumulated a collection of Wolf’s private moments containing pictures, audio, records, and emails. Eventually, the ratter threatened the girl and demanded her to make sexually explicit videos. The hacker was arrested by the authorities and currently is serving an 18-month prison term.

Section 3. Cellphone Hacking

Hacking a cellphone allows the hacker to control the accessed device and perform a variety of operations, such as searching user’s files or taking photos, without a user knowing about the intrusion. YouTube provides numerous video tutorials where hackers explain how to “slave” cellphones. The methods discussed in those videos include, without limitation, intercepting data connection, using software such as Simple Phone Hacker and Metasploit, employing Femtocells. Hacking videos on YouTube promise to teach the viewers not only how to crack the forgotten password of the private cellphone, but also how to access a cellphone of a spouse, friend or a neighbor for the purpose of unlawful collection of personal information.

Security consultants in several YouTube videos warn cellphone users that malicious code that can help to access their cellphones can also be installed via infected apps downloaded online or via opening malicious links. For example, one of the hacking tutorials on YouTube discusses a technique that uses images, which are sent through a short message. As soon a recipient opens the infected picture sent by a hacker, the malware contaminates the cellphone and the hacker is able to see and manage the content of the infected phone. The video demonstrates that this type of hack allows seeing and writing messages to the hacked person’s contacts as well as sending, receiving, and recording phone calls.

Section 4. Computer Hacking

Hackers usually hack individuals’ computers in order to obtain unauthorized access to protected information. Hacking a computer includes a variety of fraudulent operations, such as breaking a password, bypassing an authentication of a computer system, and stealing personal online credentials.

Tutorials on YouTube feature techniques on how an individual could hack a computer for spying, remote controlling, cracking a Wi-Fi password, or initiating a remote shutdown. For example, a video that has almost 100.000 views explains how the author has hacked, accessed, and managed his high school computer network. Methods that are most commonly featured in YouTube videos include using vector matrix technology, Command Prompt, and common network techniques.

Another big percentage of videos related to hacking computers on YouTube feature prevention measures against computer hacking. For example, cyber security professionals explain how to find out if the computer is being hacked or how to protect the computer from being infected with malware.

Section 5. Facebook Account Hacking

Facebook accounts are popular targets for hackers because they provide a lot of fascinating information about one’s personal relationship, online credentials, locations, preferences, and other. Thus, unauthorized access to a Facebook account can be useful not only for an unknown hacker, but also for a friend or a spouse of the targeted person.

YouTube contains a number of tutorials on how to hijack Facebook passwords. In order to access Facebook accounts, hackers on YouTube teach phishing, resetting a password, and stealing cookies with the Firefox extension Firesheep. The more advanced methods for cracking Facebook credentials include using Code Script, operational system Kali Linux, and other specific software, such as Keylogger.

Section 6. Wi-Fi Password Hacking

Wireless hotspots (Wi-Fi) enable users to connect to the Internet for free and to network with other electronic devices. Although Wi-Fi spots are immensely popular among public Internet users, cyber-security specialists warn about the dangers of using such Wi-Fi networks. Using the same Wi-Fi network allows hackers to access other computers in the network easier. The tips explaining the methods for hacking a computer in the same Wi-Fi network can be found on YouTube next to other types of hacking tutorials.

Moreover, for the person who has forgotten the Wi-Fi password or would like to use the service for free, YouTube is full of Wi-Fi password hacking tutorials. Most of the videos promise that the passwords of the wireless hotspots can be cracked in less than 2 minutes. Hacking videos feature tutorials on how to access simple WEP keys or more complex WPA passwords. Tools used by hackers include, but are not limited, to Command Prompt, CommView, AirCrack-ng, and Reaver.

YouTube videos demonstrate that Wi-Fi passwords can be cracked not only by using a computer, but also by using iPhones and Android smartphones. The apps discussed on YouTube include Shark for Root, Droidsquli, WiFi Inspect, Network Spoofer, and WiFi Kill.

Section 7. Website Hacking

Accessing password-protected and poorly safeguarded websites is a popular theme of hacking tutorials featured on YouTube. The video-sharing platform contains a variety of videos that can help to learn basics of website hacking. The more specific tutorials demonstrate complex attack scenarios that are dedicated to qualified hackers aiming at improving their skills. For example, videos featuring scenarios of cross-site scripting attacks can teach how to execute malicious scripts. Denial of system tutorials help to perform DoS (denial of service) or DDoS (distributed denial of service) attacks through MDK3. Videos also feature cookie poisoning attacks that allow hackers to gain unauthorized information, steal identities, and alter pricing fields when purchasing goods in online stores. Hackers who would like to learn how to write code for executing SQL injection attacks can also find useful information on YouTube.

Ethical Hacking Training – Resources (InfoSec)

Section 8. Online Bank and ATM Machine Hacking

Moscow-based Internet security software developer Kaspersky Lab reported that cyber-threat related to online banking is growing at a rapid pace. In 2014, 2 million attempts to steal money through online banking systems were blocked. Hackers target online banking accounts and e-payment systems via malware, phishing, fake security alerts, XSS, and CSFR. After accessing the bank and infiltrating its infrastructure, hackers are able to monitor and observe bank operations and arrange money thefts.

The sophisticated schemes of such cyber-crimes can be found online. In addition to free bank hacking tools and software that can be downloaded from the Internet, YouTube features a number of online banking and ATM machine hacking tutorials. Although most of the videos are dedicated to educational purposes, a number of them contain detailed explanations and step-by-step instructions on how an online bank account or an ATM machine could be hacked. Such videos address banking security vulnerabilities, explain the development of hacking operations, and teach techniques of accessing online bank accounts without an authorization. Tutorials demonstrating hacks of ATM machines recommend specific software that can enable an unauthorized withdraw of big amounts of money. Such videos come in a variety of different languages (e.g., English, Russian, and Arabic).

Section 9.

Be sure to check out the InfoSec Institute youtube channel. You’ll find over 40 in-depth tutorials on hacking and computer forensics for students of all skill levels.

Conclusion

This article has discussed top seven types of hacking tutorials publicly available on YouTube. The discussed videos provide detailed instructions on how to collect protected information from cameras, cellphones, and computers. Moreover, they teach potential hackers how to break into Facebook accounts, Wi-Fi networks, websites, and bank systems.

Such hacking tutorials are mostly recorded and uploaded by two types of users, namely, cyber-security specialists and amateur hackers. A large number of hacker video tutorials posted by amateur hackers contain malicious links that can be dangerous for other YouTube users. Although YouTube Community Guidelines prohibit video content that contains dangerous or illegal activities, the videos containing malicious link are widely available online. Reporting such videos to YouTube might help with the enforcement of the YouTube Community Guidelines.

To sum it up, the freely available online hacking tutorials featured on YouTube can become a great tool for raising information security awareness and informing the general public about everyday cyber-threats. However, such tutorials may also contribute to a growing number of cyber-crimes by spreading tips for unauthorized access to vulnerable systems.

References

  1. Bhargav, Abhay, and Balepur Venkatanna Kumar. Secure Java: for web application development. CRC Press, 2010.
  2. https://www.youtube.com/yt/press/en-GB/statistics.html
  3. http://www.youtube.com/yt/policyandsafety/communityguidelines.html
  4. http://money.cnn.com/2015/07/29/technology/youtube-ratting-problem/
  5. http://www.nbcnewyork.com/news/local/YouTube-Ads-Hack-Webcam-Videos-Investigation-New-York-I-Team-Glorioso-323085781.html
  6. https://media.gractions.com/314A5A5A9ABBBBC5E3BD824CF47C46EF4B9D3A76/07027202-8151-4903-9c40-b6a8503743aa.pdf
  7. http://www.kaspersky.com/about/news/virus/2014/Kaspersky-Lab-counts-up-this-years-cyber-threats
  8. “How to find and access unsecured IP cameras”: https://www.youtube.com/watch?v=mGeFrtzgtI8
  9. “How to hack PC using CMD and IP address only”: https://www.youtube.com/watch?v=qn-SlUO75ZU
  10. “Here’s Me Hacking Kids Computers At School {Controlling, Blanking Screens etc}”: https://www.youtube.com/watch?v=2YJfUDfczVA
  11. “Hacking your cell phone calls, texts, browser”: https://www.youtube.com/watch?v=v-l51HFaUm4
  12. “windows XP/8/8.1/7/vista hacked using kali linux “MSFCONSOLE” hacking pc desktop remote connection”: https://www.youtube.com/watch?v=F9L1FDwuBGE
  13. “Hacking A WPA/WPA2 Protected WiFi Network Using Kali Linux”: https://www.youtube.com/watch?v=hn1ByWpHsJ4
  14. “How to hack a bank online? Step-by-step tutorial”: https://www.youtube.com/watch?v=mSqHjBlFf_I
  15. “Hack ATM & Credit Cards l Tuto by @Saif_Massaoudi”: https://www.youtube.com/watch?v=4dmiOTIbKkw

Co-Author

Rasa Juzenaite works as a project manager in an IT legal consultancy firm in Belgium. She has a Master degree in cultural studies with a focus on digital humanities, social media, and digitization. She is interested in the cultural aspects of the current digital environment.