Home » Technology » Virtualization » Mr. Robot: Why hackers are taking their inspiration from the hottest show on TV
In late August, tech sites were buzzing with news of a new piece of ransomware. Discovered by Michael Gillespie, a security researcher for MalwareHunterTeam, the code had been uploaded to VirusTotal.com, but has so far no infections have been reported. The interesting thing about this particular ransomware is that it seems to have taken its inspiration directly from hit hacktivist show Mr. Robot.
According to a blog post from Avria, The file is a variation on EDA2 – an open-source code often used to create ransomware – and the extent of its damage seems to be changing your desktop background to the logo of FSociety, the hacking group in the show, as well as encrypting a testing folder on the Windows desktop to “.locked” extension files. As a word of warning, do NOT try and download this to see whether it’s really as harmless as Avria thinks. The developer may have made it more dangerous in the weeks since this hit the news.
Whether this is a genuine piece of malware, someone’s idea of a joke, or a clever bit of viral marketing, it’s a testament to Mr. Robot’s popularity with both sides of the cybersecurity fence.
The show’s antihero is Elliot, a socially-awkward hacktivist misfit. During the day he works as a cybersecurity engineer in an office where he struggles with both office banter and the strict dress code. At night he combats his loneliness by hacking into the online lives of those around him, fuelled by a mix of curiosity and social justice. The opening scene of the pilot sees him confront the leader of a child pornography ring “IRL” whose dark web activities Elliot stumbled upon before tipping off the police.
Eventually Elliot is drafted into FSociety by the mysterious Mr. Robot, played by Christian Slater. The group’s mission is to take down E Corp, the fictional megaconglomerate that just so happens to be the biggest client of Elliot’s firm.
The show is now almost two seasons old, but because this is 2016 you can catch up online, and we recommend you do. Hollywood has a history of getting computers horribly wrong, apparently thinking that putting complicated green text on a black screen and chucking in words like “mainframe” and “protocol” was enough to get by. However, the writers of Mr. Robot know their stuff. In series one we see a rootkit virus, with a major plot point hanging on the insertion of an IP address into a .dat file. There’s even a brief slice of dialogue between Elliot and one of the E-Corp suits about the benefits of GNOME vs. KDE. Heck, even the episode titles are formatted to make them look like various video containers (season 1) and encrypted files (season 2).
As the story progresses we’re treated to honeypots, a Chinese hacker group, smart home hacks, the use of a Raspberry Pi to take over an air-con system, and a fake fax machine. For much more detail, The Verge has a good running series of articles detailing some of the tech behind the show after each episode, as well as an official “after show”, if that’s your thing.
But perhaps the most interesting ways in which Elliot and FSociety get their information is via “human exploits”, or good old fashioned trickery. In other words, giving someone a false pretext to elicit information from them. Often the easiest way to crack someone’s password is to trick them into giving it (or their mother’s maiden name, or the name of their first pet) to you. Hackers have been using confidence tricks like this for decades to break through some of the toughest security systems on earth. A useful reminder that no matter what level of encryption, no matter how many factors of authentication you might have coded into your systems, there’s still a soft, fleshy weak point controlling it all.