All it takes to hack security cameras and bank accounts is an email, demonstrates a hacker. What happens when you challenge a series of extremely dexterous hackers to hack your bank accounts and other mediums? Well, it can result in unspeakable damage, particularly if the hacker gets the notion that he can get rich by performing a couple of evil tricks up his sleeve. It was the time when YouTube channel content uploader Kevin Roose possibly learned the biggest lesson of his life by daring two hacking experts to spend a couple weeks trying to gain access to his life, as long as they agreed not to steal money or reveal his secrets publicly.
Would you believe if we told you that one female hacker got access to Roose’s email address without using any sort of code whatsoever? In fact, there is a sophisticated approach called social engineering, where instead of relying on your skills as a hacker, you rely on being a smooth talker and generate lies in order to form a situation where the person on the other side of the phone is able to provide you with sensitive, and extremely critical information about the user. Sure enough, in less than 10 minutes, the female hacker was able to get access to Roose’s life, by impersonating his girlfriend. The next part is even scarier.
Next up came Dan Tentler, who is a hacker and security expert with Phobos Group. After challenging Tentler, the hacker not only got access to his social security number and bank accounts, but in essence, he actually became Kevin Roose by gaining access to his entire life. Roose accounts his findings as he says the following:
“If he had been a malicious attacker, Dan said, he could have done unspeakable damage: draining my bank account, ruining my credit score, deleting years’ worth of photos, videos, and important data from my hard drive, using secrets from my email inbox and my work Slack to ruin my reputation. Anything, really.”
Fusion put up a video of the ordeal on YouTube, which showed how the hackers pulled it off.
Apart from social engineering tactics, hacker Dan Tentler tries the more traditional route of ‘spear-phishing’ Roose. What he does is he sends him an official-looking email designed to get him to click on a malicious link inside. Approximately 91 percent of targeted cyber-attacks take place this way, and Roose, like many other unsuspecting victims, fall for it. Afterwards, Tentler proceeds to installing a security certificate that gives the hacker total control over his computer.
From there on, it was simple smooth sailing for Tentler as he is able to grab all his passwords, including the one for his password management app, which you are all familiar with; 1Password. The moral of the story is that you should think very carefully about challenging a hacker to hack you, because if the character surrounding that hacker is based on loose morals and malicious intent, he can turn you homeless and penniless in mere minutes.
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.