Black Hat: Phishing E-Mail Scare A False Alarm

The annual Black Hat Briefings hacker conference got off to a rocky start Sunday after thousands of registered attendees received a fishy smelling “account password reset” e-mail that contained a suspicious URL. But a message from conference organizers hours later said the errant e-mail was no phishing attack, but merely an “abuse of functionality” by a bored Black Hat volunteer.

The annual Black Hat Briefings hacker conference got off to a rocky start Sunday after thousands of registered attendees received a fishy smelling “account password reset” e-mail that contained a suspicious URL. But a message from conference organizers hours later said the errant e-mail was no phishing attack, but merely an “abuse of functionality” by a bored Black Hat volunteer.

The e-mail, with the subject line “Your admin password” was sent to around 7,500 people who have registered to attend the annual hacker confab in Las Vegas, Nevada at around 11:50 AM on Sunday.

The brief e-mail, sent from an e-mail at itn-international.com read: “This is a note from BlackHat 2012. You have requested a new password. Here are your details.” That message was followed by a blank Username and Password and a URL that recipients were asked to use to sign in.

Reaction from BlackHat’s notoriously security-conscious attendees was swift. Security experts used their Twitter accounts to inquire about what many assumed was a phishing e-mail or social engineering attack.

Just got a fake pw reset email for my  account. And so it begins…” wrote Bob Lord (@boblord) of Twitter’s own security team.

Just three hours later, however, conference organizers set jangled nerves to rest, acknowledging in a blog post that a volunteer tinkering with a loosely secured script on a Black Hat registration server belonging to ITN, the company handling Black Hat’s registration, was responsible for sending out the e-mail blast to conference attendees.

“We have reviewed the server logs, we know the user, host, and have spoken with the volunteer who has emailed each of you this morning…The email this morning was an abuse of functionality by a volunteer who has been spoken to,” wrote Black Hat general manager Trey Ford. “This feature has since been removed as a precautionary measure.”

The annual Black Hat Briefings show, which takes place in Las Vegas, brings together some of the world’s top hacking talent. The show is no stranger to hacks, practical jokes and legal blow-ups. Attendees connecting to conference resources using insecure laptops, Web browsers or wi-fi connections are known to be called out publicly on a giant “Wall of Sheep.” Furthermore, security experts are more than happy to use the Black Hat network and conference attendees as their testbed. In 2010, for example, a security expert showed how Internet users could view the conference proceedings for free by exploiting vulnerabilities in Black Hat’s web site.  

Suggested articles

It’s Not the Trump Sex Tape, It’s a RAT

Criminals are using the end of the Trump presidency to deliver a new remote-access trojan (RAT) variant disguised as a sex video of the outgoing POTUS, researchers report.