What attracts a hacker?

[Mantresh]

I wonder what attracts a hacker to a website. How does he decide that a website is worth and challenging enough to hack or not? I don't think it's just about money.

[Chip_comps]

Buggy scripts attract hacker. This is the case with the Twitter API that has been attracting hackers, and used quite successfully, might I add. I think this is such a reason you see so many people recommending to keep scripts very up to date.

[Mantresh]

Thanks Chip, that makes sense. What else do you think attracts them other than buggy scripts? What about the nature of the website? Does a payment processing website attract them most than a social networking site does?

[Chip_comps]

There is something to keep in mind about payment processing. The type of password retrieval used can attract them. You may notice a lot of banks have changed the way you retrieve passwords. There is an option to have a special code set to your mobile phone. These are strong systems that can deter a hacker. When it comes to payment processing having and https is a deterrent as well. So it is important to consider your password retrieval system, you want to keep customers happy, yet you want to keep them safe too.

[Chintan]

A good question, but i have a different view on what attracts hackers, its something which cannot be pointed out exactly, as there are many factors involved.

In most of the cases , the attacker attack to take a revenge or personal grudges like the recent indecent of CBI website defaced by Paki hackers.

Also many have an intention to affect the business or disrupt the functioning or economy of a well established company, to bankrupt the company in competitive world.

Many of them try to explore the security or prove them self by breaking in to most secure servers or areas like Government or Military sites.

Most of the Blunders are due to the noob's who use the freely avaiable software's over internet , without knowing the actual working and its affect eg: a 13-yr old broke into Nasa's server using the tool that he obtained from internet, even Kids can hack these days

Buggy scripts and other security flaws are the things that attackers exploit and take advantage to cause maximum destruction.

[Chip_comps]

You make a good point. Revenge can defiantly be a strong motivation. As well as devious business practices to attack competitors, then there are the kids just seeing how big and bad they can me. And those who hack for a living. It's a scary hacking world!

[11vader11]

When you really stop and think about it, there are so many different types of people who are hackers. You can not classify them in to one box. For all you know you could pass a hacker on the street, or sit next to him on the bus and never know it.

[viraj]

A more complicated website or server hosting an eshop, ecommerce shopping system will be of more use or attract the hacker than a simple static website. Server scripts access databases that store private data about clients, suppliers, & so on. In addition, this database can store confidential information such as users' credit card numbers. Disclosure of the source code of the server scripts would also be dangerous. These scripts are likely to contain information sufficient for access to the database, that is, the login & the password. Even if they aren't stored unencrypted, the hacker would be able to disclose them. The source code of the scripts could be analyzed for vulnerabilities that would allow the hacker to obtain high privileges & control the server. Leakage of any information from such site would be more dangerous than from the static site..

A hacker who has found a hole in this system is unlikely to change data in it. Rather, he/she would try to remain unnoticed & obtain commercial secrets to benefit from them. So, the hacker would first decide whether he or she wants to change information on a server, like deface the server/website, replenish his/her personal account, destroy a database, etc. or collect information such as dump the database, copy system files, etc.

In any case, the hacker's main goal is to obtain as much information about the server as possible & to obtain privileges on it.

[Mantresh]

Wow, there are many reasons a hacker hacks for. Thanks so much guys for the information. The other reason my friend told me is to get hired by the company owning the website he hacks.

[mark1977]

Hackers are destructive by nature and they want to prove their technical excellence.

Thanks,