Announcement

Collapse
No announcement yet.

Hackers Crack 'Unhackable' E-mail Account, Win $10,000

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • pygeek
    replied
    Re: Hackers Crack 'Unhackable' E-mail Account, Win $10,000

    Highly amusing, I'd been following the guy via twitter that hacked the account throughout the entire process. @xssexploits . Enough said. He even posted the check on twitter to show he received it. :-P

    Leave a comment:


  • bascule
    replied
    Re: Hackers Crack 'Unhackable' E-mail Account, Win $10,000

    Reminds me of when the CEO of LifeLock was a victim of identity theft

    Leave a comment:


  • AlxRogan
    replied
    Re: Hackers Crack 'Unhackable' E-mail Account, Win $10,000

    I really hope they pay out the reward as intended, I know that's been a problem with contests like this in the past.

    This part just makes me laugh, though.

    "We won't rest until we have proven that telephone-based authentication is the most secure form of username/password protection available," the company said.

    Leave a comment:


  • valanx
    replied
    Re: Hackers Crack 'Unhackable' E-mail Account, Win $10,000

    Just because they didn't use the phone as a vector doesn't mean it couldn't be one. To me that opens a bunch of possible ways to gain access.

    Leave a comment:


  • Hackers Crack 'Unhackable' E-mail Account, Win $10,000

    http://www.crn.com/security/21790016...OSKH0CJUNN2JVN

    More like...wait, someone wasn't supposed to win this contest!

    An e-mail security start-up is red in the face and a crafty hacker and his team are 10 grand richer after an unhackable e-mail account was cracked.

    StrongWebmail launched a contest earlier this month urging hackers to attempt to crack into its CEO's StrongWebmail account. The company was so confident it put a cool $10,000 up for the first one to successfully access the account. To make the break a little easier, the company even provided the CEO's username and password.

    StrongWebmail works like this: To get into an account, the account owner must receive a verification call on his or her phone after putting in his or her username and password. That call -- which only goes to the account owner's phone -- provides a code to gain access into the e-mail account. The phone authentication is supposed to be the strongest line of defense. Essentially, if someone tries to log into a user's account without permission, he or she won't receive the phone call with the code. Also, if someone is trying to fraudulently log into an account, the account's owner will receive an authentication phone call.
Working...
X