Rising threat of ‘Hash Jack’ worries cyber security experts

A new cyber threat called Hash Jack, used to hijack hashed credentials, is worrying cyber experts. Officials say cyber gangs are targeting weak hashing systems and outdated authentication methods, linking the technique to banking frauds, crypto wallet breaches and data theft

Hyderabad: A fast emerging digital threat known as ‘Hash Jack’, the technique increasingly used by cybercriminals to hijack hashed credentials and gain unauthorised access to online systems, is raising serious concerns.

With cyber fraud cases rising sharply across the country, the term has gained significant attention among tech professionals, law enforcement agencies and digital security experts.

---

Hash Jack refers to a cyber attack method where cyber criminals target ‘hashed passwords’ or authentication tokens, the encrypted versions of sensitive login details.

At present, with most platforms shifting to encrypted authentication, hashed credentials have become the centre of digital security. However, as organisations depend heavily on cloud services, remote work systems and multi app integrations, these hashed values are also increasingly exposed to new types of challenges.

“Instead of breaking passwords directly, cyber attackers attempt to steal, replace or manipulate the hash values stored in servers, mobile apps or user devices. Once successful, they can even impersonate legitimate users and slip into secure systems,” said N Sridhar, a cyber expert.

Security analysts say cyber gangs are using automated scripts and AI tools to scan for weak hashing algorithms, poorly secured databases and outdated authentication methods. Hash Jacking has also been linked to recent online banking frauds, crypto wallet breaches and corporate data theft incidents across the country.

Cybercrime officials say Hash Jacking poses a major challenge because it can bypass traditional password based security and often leaves minimal traces for forensic teams. To counter the latest threat, specialised monitoring tools and real time hash integrity checks are being deployed in some sectors like e commerce platforms and healthcare.

Cyber security professionals say many breaches occur due to ignored updates, leaked credentials or poor password practices.

“It is utmost important that users and businesses adopt updated hashing standards, multi factor authentication, regular security audits and stronger encryption protocols,” Sridhar said, adding that stronger cyber hygiene, smarter security systems and proactive monitoring is the need of the hour.