Paris Hilton hacked thanks to old school scamming

Filed under
Security

One of the now notorious Paris Hilton hacker gang - who lifted pictures and celebrities' numbers from the 'heirhead''s T-Mobile Sidekick phone - has revealed he's no technical genius, just a dab hand at old-fashioned offline scamming.

According to an interview with the unnamed teenager by the Washington Post, the gang found a security flaw in T-Mobile's password reset mechanism which allowed them to shut out Sidekick users from their own accounts.

After annoying their T-Mobile-using friends for a while, the gang decided to take on a more well-known face.

However, all this technical hacking expertise was no use while the gang still lacked a celebrity's phone number. At this point, the gang took their hacking offline and moved onto social engineering.

One of the hackers called a T-Mobile store, claiming to be a superior from T-Mobile's headquarters in Washington following up on reports of problems with customer accounts.

The T-Mobile employee in question volunteered the website address where all customers' account details can be found, as well as the user name and password needed to access the information.

Once inside the protected area, the hackers were able to get access to a number of stars' accounts and used the information to harass Matrix actor Laurence Fishburn before releasing the contents of Hilton's Sidekick onto the internet.

The investigation into the hack is still ongoing.

Source.