No announcement yet.

Hackers Crack 'Unhackable' E-mail Account, Win $10,000

  • Filter
  • Time
  • Show
Clear All
new posts

  • Hackers Crack 'Unhackable' E-mail Account, Win $10,000

    More like...wait, someone wasn't supposed to win this contest!

    An e-mail security start-up is red in the face and a crafty hacker and his team are 10 grand richer after an unhackable e-mail account was cracked.

    StrongWebmail launched a contest earlier this month urging hackers to attempt to crack into its CEO's StrongWebmail account. The company was so confident it put a cool $10,000 up for the first one to successfully access the account. To make the break a little easier, the company even provided the CEO's username and password.

    StrongWebmail works like this: To get into an account, the account owner must receive a verification call on his or her phone after putting in his or her username and password. That call -- which only goes to the account owner's phone -- provides a code to gain access into the e-mail account. The phone authentication is supposed to be the strongest line of defense. Essentially, if someone tries to log into a user's account without permission, he or she won't receive the phone call with the code. Also, if someone is trying to fraudulently log into an account, the account's owner will receive an authentication phone call.

  • #2
    Re: Hackers Crack 'Unhackable' E-mail Account, Win $10,000

    Just because they didn't use the phone as a vector doesn't mean it couldn't be one. To me that opens a bunch of possible ways to gain access.
    Fraternal Order of Locksport


    • #3
      Re: Hackers Crack 'Unhackable' E-mail Account, Win $10,000

      I really hope they pay out the reward as intended, I know that's been a problem with contests like this in the past.

      This part just makes me laugh, though.

      "We won't rest until we have proven that telephone-based authentication is the most secure form of username/password protection available," the company said.
      Aut disce aut discede


      • #4
        Re: Hackers Crack 'Unhackable' E-mail Account, Win $10,000

        Reminds me of when the CEO of LifeLock was a victim of identity theft
        45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B0
        45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B1
        [ redacted ]


        • #5
          Re: Hackers Crack 'Unhackable' E-mail Account, Win $10,000

          Highly amusing, I'd been following the guy via twitter that hacked the account throughout the entire process. @xssexploits . Enough said. He even posted the check on twitter to show he received it. :-P
          Twitter: @pygeek