Full Disclosure
mailing list archives
Re: DEF CON 19 - hackers get hacked!
From: "Eric McCann" <nuclearmistake () gmail com>
Date: Wed, 10 Aug 2011 14:54:53 -0400
<-- got pwned
I spent 90% of the time with my Windows (I like koolaid. deal with it) laptop on a 4g My-Fi up in my room, and had my
droid 2 global on 3G most of the time.
Saturday-ish, I noticed a lot of "hey, what's your password again?", and said "NO YOU" to most of them, but didn't
really have a sense that they were suspect until I read this thread.
Saturday around noon I got this email in my gmail inbox... FROM "MYSELF".
"""
Hello, Eric. I have your laptop, and it won't let me log off your account. I was wondering if you could tell me?
Anytime I go on to my account, it always directs me to yours. Do you mind informing me on how to log off your account
for good? I have no intention of hacking or sabotaging your account. Thank you,
Aislyn
P.S. I fixed your laptop. I believe you left it at the dump.
"""
I promptly responded with something along the lines of, "Describe my laptop...... and go ________ yourself", closed all
existing google sessions, changed my password a few times, and enabled 2 factor authentication.
The only ongoing issue I've noticed is my feeling of regret that whoever sent the email will never be able to respond
to my reply. :-(
On Wed, 10 Aug 2011 14:17:25 -0400, coderman <coderman () gmail com> wrote:
lots of misunderstanding...
On Wed, Aug 10, 2011 at 2:21 AM, coderman <coderman () gmail com> wrote:
... some characteristics:
- full active MitM against CDMA and 4G connections from Rio to carriers.
802.16/ClearWire/Sprint4G
did not have LTE to test with.
how to tell if you *MAY HAVE* met the beast at Rio:
..
of course many of these seem innocuous or unrelated. that's the point
and why attacking via these methods was effective.
there are situations where signal and link would be bad just given
congestion and noise floor.
however i am speaking to particular effects when the MitM was taking
over a connection from target to the carrier and redirecting through
itself. this was done in a manner that causes some effects described.
sorry media, no inquiries. i bet you can find people to talk to; try
reddit and twitter:
http://www.reddit.com/r/netsec/comments/jeis7/full_disclosure_def_con_19_hackers_get_hacked/
http://twitter.com/?q=defcon+cdma#!/search
http://twitter.com/#!/search/defcon%204G
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--
Eric McCann
University of Massachusetts, Lowell
Department of Computer Science
One University Avenue
Olsen Hall, Room 304
Lowell, MA 01854
Lab: 978.934.3385
Email: emccann () cs uml edu
Homepage (lab): www.cs.uml.edu/robots
Homepage: www.emccann.net