What is BFA, Keylogging, Phishing, Trojan, DDOS & CryptoJacking?

Welcome to another Crypto Jargon post. The series where I break down the complex terms that we use in reference to blockchain tech and cryptocurrencies.

Today I look at the terms:

BFA
Keylogging
Phishing
Trojan
DDOS
Cryptojacking

What all of these have in common is that they are all forms of cyber-attacks.
Hacking in one way or another.

So, let’s get started with BFA, which stands for Brute Force Attack.
This is an attack where someone tries to find a code, key or password by using trial-and-error methods.
For instance, if a password is a four-digit code, a Brute Force Attack (in simple terms) would be to try 0000, then 0001, then 0002, then 0003 and so on… But of course Brute Force Attack is carried out by automated software, so they don’t actually take as much effort as you would need if handled manually and can be very dangerous and quite successful, especially with weak passwords.

Speaking of passwords, a word of advice: many crypto-related websites are now allowing you to have a space between words in your password and special characters, so make sure you use these to make your password more complex and never use the same password for two or more websites.

Moving on to Keylogger.
This is a tool designed to capture all keystrokes of a computer, either through a software program or through a hardware device. Often it is used to hack into accounts by recording passwords. This keyboard recording activity is also referred to as keylogging or keystroke logging.

Next one on my list is Phishing.
This is a type of attack in which a malicious website, company or individual presents themselves as trustworthy in an attempt to fool the victim into giving up personal information (like login details, passwords, credit card details, etc).
It is one of the most wide-spread and common cyber-attack techniques and most usually comes in the form of an email, supposedly by a respected company with a request or a warning about a purchase on your account or some other form of alert for you to open a link and check your account activity. Well, that link is most certainly a fraudulent one and if you get fooled into clicking on it, you will most certainly compromise your login details and much more. We’ve all seen those emails about Amazon gift card purchase or iTunes purchase, also Paypal and many other popular services are being imitated in these phishing emails simply because these are services used by the majority of us in the online space.
Always check the sender of the email in case you get tempted to even read these emails. I usually ignore them, but every now and then I’d open an email like that and will see that even though the sender at first glance seems to be Apple or Amazon or whatever else is there, this is not the real sender. It’s just how the email is being masked to fool me into opening it in the first place. But as I scroll over the actual sender, I can see that it’s not a real company email address.

Next is Trojan.
Trojan is a type of malware that is often disguised as legitimate software.
Trojans can be employed by cyber-thieves and hackers trying to gain access to users’ systems.
Users are typically tricked into loading and executing Trojans on their systems.
Once activated, Trojans can enable cyber-criminals to spy on you, steal your sensitive data, and gain backdoor access to your system.
These actions can include: Deleting data, Blocking data, Modifying data, Copying data and all kinds of Disrupting the performance of computers.

Moving on to DDoS attacks – DDOS stands for Distributed Denial of Service and its aim is to crash servers and make websites temporarily disappear until the attack can be traced and halted.
A DDoS attack begins when the attacker rounds up hundreds of “zombie” computers. This is achieved by downloading trojans or viruses onto remote computers without the owner knowing. Once the zombie network is in place, the attacker targets one website, email server or network, and directs all the zombie computers to flood the victim with tasks or requests.

Several cryptocurrency exchanges have been the targets of DDoS attacks, which are often politically or personally motivated. In order to avoid such an infestation, computer owners should download up-to-date security software that searches their systems for malware and spyware.

Malware, by the way, is just a common term for any kind of malicious software.

And lastly, Cryptojacking – which became a “thing” back in 2017 and throughout 2018 it spread out to all kinds of devices, even on mobile phones and tablets.
This term is a combination of two other terms: cryptomining and highjacking and it’s the process of remotely using (hacking into) someone else’s computer without their knowledge or permission, to mine cryptocurrencies.
Monero was often the crypto of choice and the Pirate Bay was one of the first well-known websites that began using this method in order to bring-in additional revenue aside from their numerous pop-ups and annoying banners. I dedicated a separate post to cryptojacking.