Sex and the Slashdot

Just reading the Guardian (I know, I know) that the president of Jimmy Choo shoes Ms Tamara Mellon was being spied upon by a ‘hi-tech’ private investigation company called AIS under the direction of her minted but somewhat slow witted husband.

Now any security professional (and I know a very good one) will tell you that the best way to Attack and Penetrate a target is via social engineering. That’s were you confidently walk in, plug in your laptop and download the entire companies network contents and walk out. Which works due to the wonders of social compliance. But failing that you could intercept wifi comms using the newly popular ‘Evil Twin‘. Or maybe intercept traffic coming out of her office and use a man-in-the-middle attack…. but no.

What id AIS do? Wait for it… They sent her a ‘sleasy’ email with a Trojan key-logger in it.

What an incredibly poor method of attack. You need great naivety on the users part to run it. Great weakness in outbound firewalls to get you data. Easy tracking of where the logger transmits that data if it does transmit it and pretty dubious information anyway.

I’m agog…

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: