Journalist challenges white hat hacker team to get him, they succeed

The challenge

It’s my first class of the semester at New York University. I’m discussing the evils of plagiarism and falsifying sources with 11 graduate journalism students when, without warning, my computer freezes. I fruitlessly tap on the keyboard as my laptop takes on a life of its own and reboots. Seconds later the screen flashes a message. To receive the four-digit code I need to unlock it I’ll have to dial a number with a 312 area code. Then my iPhone, set on vibrate and sitting idly on the table, beeps madly.

I’m being hacked — and only have myself to blame.

Two months earlier I challenged Nicholas Percoco, senior vice president of SpiderLabs...

PART 1 and PART 2 describes some of the custom malware and tricks used. Pishing, software vulnerability exploits, etc. This is the stuff they managed to accomplish without setting up outside Adam's apartment with WiFi hacking hardware.

...Parts one and two will detail the malware and phishing aspects of our hack with contributions from myself, Matt Jakubowski and Daniel Chechik. Next week, our colleague Garret Picchioni will publish more technical details about the onsite and wireless portions of the attack.
My daily job as a security researcher on the Malware Analysis Team in SpiderLabs typically consists of reverse-engineering malware (usually something encountered during a forensics investigation). When I was asked to take part in this project, it seemed a natural fit that I would help out by writing custom malware in order to gain access to Adam’s machine. Rarely do I get the chance to don my metaphorical "black hat" and actually create a malicious file. Doing so often allows me to see the situation from both sides, which in turn allows me to do a better job when it comes to reversing malware. In short, I was pretty excited...

PART 3 describes the on-site Wi-Fi cracking adventure that got them in.

...Once arriving onsite in Adam’s neighborhood and doing a quick Wi-Fi scan we discovered it was going to be a lot more difficult than originally anticipated. As it turns out, there are a lot of people that live in Brooklyn Heights, and as a result a lot of unique wireless networks. Our initial scans of the area revealed that there were over 1,200 wireless networks discoverable from Adam’s block with our wireless equipment. Without obvious wireless network names such as “Adam Penenberg’s House” we had to resort to some conventional and unconventional methods to identify his network...

...After letting the device sit overnight, we had our final list of approximately 20 wireless networks...

....To do so, we sent specially crafted packets to only these devices informing them to disconnect from the wireless network. Once they attempted to reconnect to the network, we were able to capture the WPA handshake. We sent that handshake to SpiderLabs’ password cracking server and proceeded to crack the password to his network in approximately 15 minutes. With the password, we had full access to his wireless network.

posted by Purp at 08:25 AM

| Access Comments