DeviceLine

Security News for Mobile, Apps & IoT

Debunked: Sochi Hacking Story

It was an intriguing idea–that mobile devices at the Sochi Olympics would be hacked almost immediately–were it true.

On Monday DeviceLine reported the story from NBC showing NBC news Chief Foreign Correspondent Richard Engle having his mobile devices hacked. The NBC news site states “Skilled computer hackers, combined with weak law enforcement and a strong criminal underworld, creates a big problem in Russia.” But Engle was in Moscow, not Sochi, and the websites sites he visited could have visited in the United States–or anywhere.

Security expert Robert Graham doesn’t hold back, blogging That NBC Story 100% Fraudulent. “The phone didn’t “get” hacked; Richard Engel initiated the download of a hostile Android app onto his phone,” Graham wrote.

“Absolutely 0% of the story was about turning on a computer and connecting to a Sochi network. 100% of the story was about visiting websites remotely,” Graham wrote. “Thus, the claim of the story that you’ll get hacked immediately upon turning on your computers is fraudulent.”

Even the expert cited in the Engel story has come out against it. Kyle Wilhoit, from Trend micro, tweeted that the technical details of what they did was far more interesting than what aired on NBC. The white paper is due to be published on Friday.

Graham concludes: “That leaves us with the same advice that we always give people:

  1. don’t click on stuff
  2. patch your stuff (browser, Flash, PDF)
  3. get rid of the really bad stuff (Oracle’s Java)
  4. don’t click on stuff
  5. oh, and if you really are in Sochi, use VPN over the public WiFi

No Comments

Leave a Comment