The folks at the Washington Post sure are using their investigative journalism resources wisely. Instead of exposing senators taking kickbacks or anti-gay congressmen sleeping with their male aides, WaPo has solved the story behind Paris Hilton‘s hacked Sidekick. And it all went down in the unsexiest of manners.
Rather than some 31337 4@x0r (that’s “eleet hacker” for all ya’ll non-geeks) tricks, hackers gained access to Paris’ account with good old social engineering by phone.
Like when you’re trying to get Details mag’s Daniel Peres on the phone to pitch him a story on mandals but his assistant insists he’s out of the office and would you like to leave a message? so you lie and say his mother was in a car accident and you can only reveal the sensitive details like what hospital she’s at to Daniel himself? Yes, exactly like that.
In this case, the hacker group played pretend and phoned a T-Mobile store, connived them into giving up a username and password to access the “secure, employees-only” intranet and bandied about looking up celebrity names from there (Laurence Fishburne was among them, who responded to the prank calls with “You’re illegaly calling me!”). At that point it was gravy accessing Paris’ account, locking her out of her own phone and downloading her phonebook and photos.
We’re so motivated by the Post‘s vigorous journalism that we’re going to launch our own investigation into how Fred Durst‘s sex tape surfaced. Ready, Set, Go: He leaked it himself. Woot, solved!
Next time Paris’ sidekick gets hacked, Kimberly Stewart is gonna feel ravaged.