Do you think that you are safe by entrusting data to Microsoft, Google or Apple? And logging in with two-step verification?
None of this, even there you can hack - claims the most famous hacker Kevin Mitnick.
(Ed. note: Translated using Google)
To prove this, Mitnick, the guest of the "Inside Trends" conference, demonstrated several hacking attacks live. Let's take a login with a two-stage version. To be safer, in addition to the login and password, you must enter the code from an SMS sent to your mobile phone. Theoretically, without cell access, you can not enter your account. However, Mitnick showed on the example of LinkedIn that in practice this protection can be circumvented. How?
The hacker first breaks into the user's computer and waits for that to log into LinkedIn and enter a one-time code from an SMS. Then just download the "cookie" generated by LinkedIn from the attacked computer and enter it in your own browser. And here is someone stranger entered our account.
The live presentation of remote encryption of e-mails in the "cloud" Outlook box was equally dangerous. The trick is to get the user to click on the email with an attachment that will infect the mailbox. How to do it? Just impersonate Microsoft, which recommends updating the software. If an inattentive user clicks on the attachment, he will give remote control over the hacker's box. And this one can quickly encrypt the content of e-mails and demand a ransom (that's how "ransomware" software works).
Kevin Mitnick, after his passing from youth (in the 90s he was detained by the FBI and convicted by a court for 5 years in prison for hacking into secure systems), founded a company that, at the request of other companies, breaks into their network to find weak points. Completely legally and for money.
- The most important part is "breaking a man" - convinces Mitnick. The so-called. "Social hacking", that is, drawing information about employed people or the habits of the company is a necessary introduction to real hacking. A properly prepared hacker thanks to psychological tricks and manipulation is able to penetrate everywhere. The Mitnick Security team boasts almost 100% here. efficiency.
To view the original article and other important news articles, please refer to the source.
Source: Newsweek Polska