It’s fair to say that if you try and dare a hacker to break into your accounts, it’s pretty likely that you’ll hate the outcome.
After high-profile hacks on Sony Pictures, JPMorgan Chase, Ashley Madison, and other major companies, Kevin Roose got curious about what it felt like to be on the victim’s side of a giant data breach.
So he dared two expert hackers to spend a fortnight to gain access into his life, as long as they agreed not to reveal any of his secrets publicly or more importantly steal a shed load of money.
The hackers went to work to get deep inside Roose’s life and shit escalated very quickly. Just through using a combination of social engineering (a bit of lying and smooth talking to gain key info) and some malicious software they made it look so so easy.
Writing in an article about the experience at Fusion, Roose said:
If he had been a malicious attacker, he could have done unspeakable damage: draining my bank account, ruining my credit score, deleting years’ worth of photos, videos, and important data from my hard drive, using secrets from my email inbox and my work Slack to ruin my reputation. Anything, really.
They shared a video of Roose’s ordeal on YouTube, showing how the hackers pulled it off and it’s just terrifying.
After putting together a 13-page dossier on Roose – purely based on his social media account and other public data they found online – the hackers socially engineered their way into his accounts
They even managed to get a hacker, Jessica Clark, to pose as his wife to call his phone company and is able to get full control over his account.
As well as these tactics, hacker Dan Tentler tried a more traditional approach of ‘spear-phishing’, ie. sending him one of those dodgy looking emails which look pretty legit.
They were designed to get him to click on the link and Roose fell for it, massively. By installing a security certificate that gives the hacker complete control over his computer.
Tentler was than able to get hold of all his passwords, gained access to his webcam to take photos every two minutes, look at his bank account and keep tabs in place through his security camera.
This is definitely a scary reminder that technology can be as much as a hindrance as it can be a help.