Popular cultured hackers who break banks over the Internet are mostly a myth. Statistics show that 91% of information attacks on banks are committed by corrupt employees of the banks themselves, 8% are bank intermediaries, and only 1% are hackers. The password cracking procedure shown in the films takes not a few seconds, but at least several hours.
There are two main methods for cracking a password:
Dictionary search, in which the attacker tries different combinations of symbols. Priority is given to those combinations that are based on the user's first and last name, dates that are important to him, and other personal information.
Examining hashed data on the user's computer to establish patterns that will allow finding a password.These are not all methods available to modern cybercriminals. They also have at their disposal:
Programs such as Keylogger and Form-grabber that record and transmit user actions to a remote computer.
Backdoors and C&C: software loopholes that allow you to establish control over the system.
SQL injection at the database level.
XSS attacks in which malicious code is generated on a web server.
Directory Traversal - an attack through changing the path to a directory on a hosting.
Remote File Inclusion is an attack that injects a file or script into a server. Such a file would be a Trojan horse for other types of attacks.