RSS

Tag Archives: hacker

DeRay McKeeson Phone Hacked By Trumpazoid

Despite efforts by BLM members to up their security, hacking social media accounts by miscreants is still relatively easy, due to intrinsic faults in the platform software.

If you want to be secure on Social Media, you need to change passwords and PINs frequently, and for someone with a high media profile, probably daily. Utilizing some VPN technologies provide security, however those that use DES or WPK Encryption are basically useless against a sophisticated or professional level hacker.

PewPrivacyPerceptionsChart650

Someone hijacked DeRay Mckesson’s Twitter account in a sneaky and preventable way

It’s called pretexting and it’s easy to do, but it’s also easy to prevent.

By now you’ve probably heard that the Twitter account belonging to #BlackLivesMatter activist DeRay Mckesson was hijacked on Friday. The tweet sent from Mckesson’s account that endorsed Donald Trump for president was probably a giveaway.

It wasn’t a hacking attack in the strictest sense: Twitter’s systems apparently weren’t compromised, and Mckesson even had two-factor authentication turned on. Instead, the attackers hijacked his mobile phone, using a weakness in how account information is managed by wireless providers.

Having first obtained the last four digits of Mckesson’s Social Security number, the hackers called Verizon’s billing department and impersonated him. They then redirected his service to a phone they had handy so that calls and texts going to his number were directed instead to their phone.

From there they used Twitter’s password reset feature — which relies on authorization codes sent via text messages to a phone — and locked Mckesson out of his account.

The technique of pretending to be someone and tricking a wireless provider into handing over control of a customer account is an old one. It’s called pretexting: The attacker pretends to be a customer having a problem, and convinces a service rep that the request they’re making is legitimate.

It’s illegal. When the technique was used by a set of private investigators hired by the chairman of Hewlett-Packard a little more than a decade ago it caused a huge corporate scandal. One person charged served time in federal prison, while others received probation.

So how do you avoid experiencing the same headache Mckesson had on Friday? According to the Federal Trade Commission, it comes down to eliminating your Social Security number as a way to identify yourself to your carrier. Without that, hackers would have no way to access your phone and therefore no way to get ahold of your two-factor authentication code.

The details on how to set this up vary with your wireless carrier:

  • AT&T calls its feature “extra security.” It means that before you can talk to a service rep you have to provide a passcode. You can read more about it here.

  • Verizon allows customers to set their own personal identifying number to access their accounts. You can do this by calling Verizon or going to a Verizon store.

  • T-Mobile does the same thing Verizon does, but calls it a “customer care password.” Again, call in or visit a T-Mobile store.

  • Sprint asks customers to set a PIN number to access their accounts.

 
Leave a comment

Posted by on June 12, 2016 in BlackLivesMatter

 

Tags: , , , , , ,

Hillary Hacker Goes Down

Well…Looks like the guy who hacked Hillary’s email server when she was Secretary of State…

Is in for a long enforced vacation, with no phone, no pool, and no pets.

Hacker Who Exposed Hillary Clinton’s Email Server Expected To Plead Guilty

He was indicted on charges including wire fraud, unauthorized access of protected computer, aggravated identity theft, cyberstalking and obstruction of justice.

A Romanian computer hacker who revealed the existence of a private email server used by Hillary Clinton when she was secretary of state is expected to plead guilty to hacking-related offenses, a U.S. law enforcement official said on Tuesday.

Accused hacker Marcel Lazar, who used the alias “Guccifer,” is scheduled to enter a guilty plea at a hearing early on Wednesday before Judge James Cacheris in U.S. District Court, Alexandria, Virginia, said the official.

He was indicted on charges including wire fraud, unauthorized access of protected computer, aggravated identity theft, cyberstalking and obstruction of justice.

The official and another person familiar with the Guccifer investigation, who asked not to be named ahead of the proceedings, said Lazar’s plea would not validate claims he has made in recent media interviews about successfully hacking the email server Clinton installed at her home in Chappaqua, New York. She used it to handle both official and personal message traffic when she was Secretary of State.

The two sources said the U.S. investigation of Lazar turned up no evidence to support thehacker‘s claims that he had broken into Clinton’s private server. Its contents and operations are the focus of an FBI investigation.

Lazar’s public defender, Shannon Quill, did not respond to a request for comment.

In an interview with NBC News before his extradition from Romania, Lazar claimed that Clinton’s private server “was like an open orchid on the internet.”

Clinton, law enforcement and national security officials have said there is no evidence that Guccifer or any other unauthorized or outside party breached Clinton’s private server.

None of the State Department-related message traffic that moved through the private server when Clinton served as secretary of state was marked and treated as classified.

However, among the targets of Guccifer’s hacking was an AOL email account used by Sidney Blumenthal, a former Clinton White House aide and unofficial adviser.

Marcel AKA Gucifer, Doing the Perp Walk

 
Leave a comment

Posted by on May 24, 2016 in International Terrorism

 

Tags: , , , , , , ,

 
%d bloggers like this: