Huh: NBC story of ‘getting hacked in Sochi’ was completely false?

Huh: NBC story of ‘getting hacked in Sochi’ was completely false?

[Ed. – Not that we’re surprised.]

On February 4th, NBC News ran a story claiming that if you bring your mobile phone or laptop to the Sochi Olympics, it’ll immediately be hacked the moment you turn it on. The story was fabricated.  The technical details relate to going to the Olympics in cyberspace (visiting websites), not going to there in person and using their local WiFi.
The story shows Richard Engel “getting hacked” while in a café in Russia. It is wrong in every salient detail.
  1. They aren’t in Sochi, but in Moscow, 1007 miles away.
  2. The “hack” happens because of the websites they visit (Olympic themed websites), not their physical location. The results would’ve been the same in America.
  3. The phone didn’t “get” hacked; Richard Engel initiated the download of a hostile Android app onto his phone. [update here] and he had to disable the security on the phone to do it.

I had expected the story to be about the situation with WiFi in Sochi, such as man-in-the-middle attacks inserting the Blackhole toolkit into web pages exploiting the latest Flash 0day. But the story was nothing of the sort.

Instead, the hacking in the story was due to the hostility of Olympic themed websites. The only increased danger from being in Russia is geolocation. Google uses your IP address to increase the of rank local sites, so you’ll see more dodgy Russian sites in the results. You can disable this feature in your Google account settings.
Absolutely 0% of the story was about turning on a computer and connecting to a Sochi network.  100% of the story was about visiting websites remotely.

Commenting Policy

We have no tolerance for comments containing violence, racism, vulgarity, profanity, all caps, or discourteous behavior. Thank you for partnering with us to maintain a courteous and useful public environment where we can engage in reasonable discourse. Read more.

You may use HTML in your comments. Feel free to review the full list of allowed HTML here.

Facebook Comments

Disqus Comments