{12:28} But if I cast out devils
by the Spirit of God, then the kingdom of God is come unto you.
{12:29} Or else how can one enter
into a strong man’s house, and spoil
his goods, except he first bind the strong man? and then he
will spoil his house.
{12:30} He that
is not with me is against me;
and he that gathereth not with me scattereth abroad.
Excerpt from Matthew 12 vs 28 – 30 in
the King James Version of the Bible
Hacking seems to be all up in the news of late.
The Certifi-Gate
vulnerability is the scariest, as it renders 90% of all Google Android
smartphones remotely hackable by
Customer Care as explained in my blog article
entitled “Check
Point Software Technologies discover Certifi-gate – How to Control a Android
Lollipop smartphone and Why fragmentation is at fault”.
Finally, however, some of that drama, has come to Jamaica in
a most dramatic way. Well. Not exactly but real close though!
I'm of course referring to the alledged hacking of Dr Khia Duncan Facebook
account by Nationwide News journalist Abka Fitz-Henley on Thursday,
August 13th 2015 as reported in the article “Police
launch investigation into alleged hacking of DK Duncan daughter's FB account”,
published Thursday, August 13, 2015, by Moya Hind, The Jamaica Observer.
 |
Dr Khia Duncan
claims someone hacked into her Facebook account and took a screenshot of her messaging
another unnamed “PNP Comrade” type individual about PNP member Ian Hayles and
his chances in winning the party’s Region 6 against her father D.K. Duncan.
 |
During an interview with the Jamaica Observer, her sister
Senator Imani Duncan-Price, claims that the conversations really took place and
that the hacker apparently can post to the account, implying that they have the
password and login.
 |
Already the boss of Nationwide News, Cliff Hughes, is on the
defensive, refuting the claim as reported in the article “Nationwide
Rejects Claims It Hacked private Messages Of DK Duncan's Daughter”,
published Thursday August 13, 2015 by Jovan Johnson, The Jamaica Gleaner.
His Twitter
handle @cliffnationwide also confirms this as well:
We
@Nationwideradio
DID NOT hack anyone's account! That's a criminal offense.
I'm urging @KhiaJosina to
desist frm making wild accusations.
— Cliff Hughes
(@cliffnationwide) August
13, 2015
Folks, this is looking like a
legal battle between Dr Khia Duncan
and Nationwide News journalist Abka
Fitz-Henley with both already retaining the services of lawyers as reported
in the article “Nationwide
journalist hires lawyer to clear name of hacking allegations by MP's daughter”,
published Friday, August 14, 2015, The
Jamaica Observer.
 |
Interestingly, in the middle of all of this, no police
report has been officially filed with the Head of the Cyber-Crime Unit
Inspector Warren Williams as noted in the article “Cybercrime
boss not aware of report that Facebook account of MP's daughter being hacked”,
published Tuesday, August 18, 2015, The
Jamaica Observer.
To quote Head of the Cyber-Crime Unit Inspector Warren
Williams, he's clueless as he’s receiving no such report: “We are not aware of
any such breach or any such report. Normally once a report of a cybercrime
breach comes in, the Cybercrime Unit will be brought into action. Now it is to
find out if the report was made at the Counter Terrorism and Organized Crime
Investigation Branch where the Cybercrime Unit sits or was it reported to a
local police station. Once it has been reported there then it is the duty of
the local police to get in touch with the specialist unit to assist in the
investigation. I’m yet to hear of that”.
So while this is all shaking down, how exactly does one hack
a Facebook account?
Anatomy of the Dr
Khia Duncan Facebook Hack - You know it's a about that Keylogger with
screenshot capability
Due to the Telecoms slant in this situation, this has caught
my eye as it's a lot like the JIS (Jamaica Information Service) website hack
back in June 2015 as reported in my blog article
entitled “Anatomy
of ISIS hack of the JIS Website - How the @JISNews Website was hacked and Why
Hactivists couldn't access sensitive GOJ Databases”.
First off the bat, there is no way to hack a facebook
account, even if you use password hashes as explained in Kemory Grubb’s Geezam blog article entitled “How Passwords are
Cracked: Never Use one Password on All Accounts”.
The only way to gain access to a Facebook, Twitter or any
Social Media account is to get the password and login; the person has to either
willing give them to you or you steal them from the target, no diffident from
stealing keys to access a house.
Most likely, it’s the latter and here’s what happened.
The hacker sent Dr
Khia Duncan a URL (Universal Resource Locator) link either in her email or
posted on of her social media accounts. She then clicked on it, opened it,
allowing the hacker's URL website to lock on to her IP Address for her device,
be it on a smartphone, Tablet or Laptop.
This gave the hacker the ability to scan her device and on
locating the Network Interface Card (Laptop) or even the Baseband Processor
(Smartphone or Tablet), they were able to determine what logical ports in her
Internet access were open.
The hacker then proceeded to take advantage of Java
scripting errors in JVM (Java Virtual Machine) if it was a smartphone or Tablet
or Windows Computer and install a keylogger as explained in my blog article
entitled “Professor
Marco Gercke warns of Scammers using Keyloggers for Spear Phishing - How to use
Keyloggers and how to Protect yourself from Scammer's American Hustle for Fast
Cash”.
That keylogger not only would track her typing in her device
be it a smartphone, Tablet or Laptop but also be able to take screenshots of
her online activity while typing. The hacker can then remotely retrieved the
information as the installed keylogger would simply upload it to a Cloud Driver
or Server for retrieval to be used for whatever purposes the hacker desires.
In other words, just like the hack of the JIS Websites in
June 2015, the only difference being that the vectors for the hack was email
with an attachment, basically a trojan horse.
Dr Khia Duncan has
no case, really – With Friends like Doctors, who need enemies
Other possibilities exist, but they basically boil down to
the same thing; a keylogger was involved to capture her Login and Password and
take screenshots of her online activity.
In this alternate scenario, Dr
Khia Duncan used an Internet Cafe, the computer she was on may have had a
keylogger installed for remote viewing, a popular technique used to steal logins
and passwords as well as Credit Card information as noted in my Geezam blog article “How to
use Scotia VISA Debit Card Online”.
In fact, the hacker could even be one of her own medical
staff who loaned her a Laptop to use the Internet and which had a keylogger
installed. That keylogger then gave the hacker the ability to read all she'd
typed, take screenshots as well as gain access all her accounts and not just
facebook.
That “friend” could have also possibly borrowed her
smartphone or tablet, allowing them to sideload or install a keylogger program
onto her device, allowing them to watch her type and thus take screenshots of
her online activity.
Worse, if she uses the same password for all her online
accounts, be they email, Facebook, twitter, etc, they’ll soon be posting more
than just pictures of her nude (which I’m dying to download….anybody out there,
link me please!).
They'll be accessing her bank accounts and stealing her
Credit and Debit Cards, if she’s does any shopping online.
It's for this reason that Fellow blogger Kemory Grubb
pointed out that you cannot use the same password for all of your online
presences. This as once they've got one, the hacker will try that one password and
login combination in a bid to unlock all of your accounts as explained in the Geezam blog article entitled “How Passwords are
Cracked: Never Use one Password on All Accounts”.
Like a thief using a set of copied keys to gain access to
your house.
Abka Fitz-Henley
vs Dr Khia Duncan – No Case submission as Dr Khia Duncan was careless
So the hacker isn't Nationwide News journalist Abka Fitz-Henley.
More likely it's one of her own Medical doctor friends,
possibly someone who's jealous of Dr
Khia Duncan and possibly with connections to her father's rival, PNP member
Ian Hayles.
They either got a hold of her smartphone or tablet
temporarily or even her Laptop of desktop computer and installed a keylogger,
possibly even using the advice from my blog article
entitled “Professor
Marco Gercke warns of Scammers using Keyloggers for Spear Phishing - How to use
Keyloggers and how to Protect yourself from Scammer's American Hustle for Fast
Cash”.
To add further injury to insult, the Facebook page for Dr
Khia Josina Duncan has no blue check mark that indicates that this is a
verified Facebook account belonging to her. Thus, the case will be wrapped up
very quickly, as she cannot even prove that it's her account, even if she
logged in on a computer in the courtroom in the presence of the RM (Resident
Magistrate).
 |
This as if a keylogger on her smartphone, laptop or Tablet
can save her password as typed, then it means she was negligent in securing her
login and password access to her “free” Social Media account, which is really
her responsibility.
The fact that Nationwide News journalist Abka Fitz-Henley may have
allegedly had a copy is purely coincidental.
If I was the hacker, the first thing I'd do was to meet with
the journalist in a private FB Chatroom, WhatsApp, or even Whisper to keep my
identity anonymous as explained in my blog article
entitled “Whisper,
the Anonymous Secret Sharing Social Mobile Network – Confession of Awkward
Moment being revealed fuelled by the desire to Bare your Soul to Strangers”
and give him a tip.
Failing that, I’d just start posting it all over the place;
Facebook Groups, YouTube, Google Drive link and yes, Twitter, Jamaica’s weapon
of choice. Because of these reasons, I suspect that case won't really get off
the ground and if it does, it’ll be very short and won’t pass a hearing!
The lesson here, really, is to just not lend your
smartphone, Tablet or Laptop to your friends and to use TSV (Two Step
Verification) as described in my blog article
entitled “How
to enable Apple iCloud TSV using Apple ID – Apple iCloud Fappening created
Hipster Trend of Flip Cellphones, Vinyl Records and Polaroids”.
After all, in the Game of Politics in Jamaica, the enemy of
your enemy is still your enemy!
Here’s the link:
Abka
Fitz-Henley Twitter Account: @AbkaFitzHenley
Khia Josina Duncan
Twitter Account: @KhiaJosina
Cliff Hughes
Twitter Account: @cliffnationwide
No comments:
Post a Comment