Mat Honan, the former editor of the Gizmodo website, became the victim of a hacker and within moments his cyber world practically collapsed. The hacker got hold of Honan's Google account and subsequently deleted it. However, Honan's troubles were far from over on this account. The hacker also misused Honan's Twitter, and the account of this former editor became a platform for racist and homophobic expressions from day to day. However, Mat Honan experienced probably the worst moments when he discovered that his Apple ID had also been detected and all data from his MacBook, iPad and iPhone had been remotely deleted.
It was largely my fault, and I made the hackers' job a lot easier. We had all the mentioned accounts closely connected. The hacker obtained the necessary information from my Amazon account to access my Apple ID. So he got access to more data, which led to access to my Gmail and then Twitter. If I had better secured my Google account, the consequences might not have been like this, and if I had regularly backed up my MacBook data, the whole thing might not have been so painful. Unfortunately, I lost tons of photos from my daughter's first year, 8 years of email correspondence, and countless unbacked up documents. I regret these mistakes of mine... However, a huge share of the blame lies with the insufficient security system of Apple and Amazon.
Overall, Mat Honan sees a big problem with the current trend of keeping most of your data in the cloud instead of on your hard drive. Apple is trying to get the largest possible percentage of its users to use iCloud, Google is creating a purely cloud operating system, and probably the most frequent operating system of the near future, Windows 8, intends to move in this direction as well. If security measures protecting user data are not radically changed, hackers will have an incredibly easy job. An outdated system of easy-to-crack passwords simply won't be enough anymore.
I found out that something was wrong around five o'clock in the afternoon. My iPhone shut down and when I turned it on, the dialog that appears when a new device is first booted up. I thought it was a software bug and wasn't worried because I back up my iPhone every night. However, I was denied access to the backup. So I connected the iPhone to my laptop and immediately found that my Gmail was also denied. Then the monitor turned gray and I was asked for a four-digit PIN. But I don't use any four-digit PIN on the MacBook. At this point, I realized that something really bad had happened, and for the first time I thought of the possibility of a hacker attack. I decided to call AppleCare. I found out today that I am not the first person to call this line regarding my Apple ID. The operator was very reluctant to give me any information regarding the previous call and I spent an hour and a half on the phone.
A person who said he lost access to his phone called Apple customer support @ me.com email. That email was, of course, Mata Honan's. The operator generated a new password for the caller and didn't even mind the fact that the scammer couldn't answer the personal question Honan entered for his Apple ID. After gaining the Apple ID, nothing prevented the hacker from using the Find my * application to delete all data from Honan's iPhone, iPad and MacBook. But why and how did the hacker actually do it?
One of the attackers contacted the former editor of Gizmodo himself and finally revealed to him how the whole cyber-abusion took place. In fact, from the beginning it was only an experiment, which aimed to abuse the Twitter of any well-known personality and point out the security flaws of the current Internet. Mat Honan was said to have been chosen essentially at random and it was nothing personal or pre-targeted. The hacker, who was later identified under the nickname Phobia, did not plan to attack Honan's Apple ID at all and ended up using it only because of a favorable development of circumstances. Phobia is said to have even expressed some regret over the loss of Honan's personal data, such as the aforementioned photos of his daughter growing up.
The hacker first found out Honan's gmail address. Of course, it doesn't even take five minutes to find the e-mail contact of such a well-known personality. When Phobia reached the page for recovering a lost password in Gmail, he also found Honan's alternative @ me.com address. And this was the first step to getting an Apple ID. Phobia called AppleCare and reported a lost password.
In order for a customer support operator to generate a new password, all you have to do is tell them the following information: the email address associated with the account, the last four numbers of your credit card, and the address that was entered when you signed up for iCloud. There is certainly no problem with e-mail or address. The only more difficult hurdle for a hacker is finding those last four credit card numbers. Phobia overcame this pitfall thanks to Amazon's lack of security. All he had to do was call the customer support of this online store and ask to add a new payment card to his Amazon account. For this step, you only need to provide your postal address and e-mail, which are again easily ascertainable data. He then called Amazon again and asked for a new password to be generated. Now, of course, he already knew the third necessary information – the payment card number. After that, it was enough to check the history of data changes on the Amazon account, and Phobia also got the number of Honan's real payment card.
By gaining access to Honan's Apple ID, Phobia was able to wipe data from all three of Honan's Apple devices while also obtaining an alternate email address needed to access Gmail. With the Gmail account, the planned attack on Honan's Twitter was no longer a problem.
This is how the digital world of one essentially randomly selected person collapsed. Let's just be happy that something like this happened to a relatively famous person and the whole affair was quickly blurred on the Internet. In response to this incident, both Apple and Amazon changed their security measures, and we can sleep a little more peacefully after all.
It wasn't even a hacker, was it?
What do you think a Hacker is? :D This is one of the most efficient and developed branches of hacking. The term hacking refers to passing through some security barriers in order to gain ownership of data or access to it. Computer services are not just the ones and zeroes, but also the people who control those ones and zeroes and are part of that security. It can be broken both technically (which tends to be more demanding, as an error must be sought in the function of the system as such) or socially, when an error is sought in the processes of service operation. This is the social type, from which we get the name of the hacking industry "social engineering".
When someone steals data from your computer, it doesn't matter if they break into your house, let your wife send it (social engineering mentioned :D ), or hack into your computer :o) it's still an invasion of your privacy :o)
So it's social engineering
yes :o)
I would mainly be interested in how they changed their security measures...
I just think that his data that he lost, for example the mentioned photos or emails, still exist. If you delete something from the cloud, I doubt that it is deleted in reality, rather some deleted=true is set :-)
And damn it, because Honan won't get access to that data anymore.
OMG, if it was just an experiment, he could have at least restored those things from backup. But I would kill that hacker with a big smile. But what the heck, just start the digital world from scratch.