Security News

Mr. Robot review: eps2.6_succ3ss0r.p12

Stefanie Smith, 25 August 2016

Read as we break down this week’s episode of Mr. Robot, which was rich in mobile malware and account breaches.

Rami Malek must have been on vacation the week that this episode of Mr. Robot was filmed, since Elliot makes absolutely no appearances during the entire episode, not even via flashback. Darlene is very violent this episode, committing her first murder and then knocking her boyfriend Cisco out with a bat in the last scene!

Aside from Darlene’s violent outbursts, the amount of action in this episode wasn’t particularly overwhelming. The FBI is busy trying to catch fsociety, but isn’t doing too good of a job. An agent is put up to the task of getting information from Angela by going on a date with her, but he gets no where. Mobley is taken into custody, but he is only questioned on his connections with DJ Mobley and asked if he has any information on Tyrell Wellick.

The FBI is spied on during a conference call and fsociety exposes their unwarranted surveillance of three million citizens.

The episode, like most episodes this season, begins with a flashback that shows how fsociety was created. Trenton and Mobley are waiting at Ron’s Coffee shop and get into conversation about their phones and the Wi-Fi. Being the hackers that they are, each tries to hack the other to gain more insight into one another.

Stefanie: On Trenton’s screen, we see commands that include the words “Stagefright”. Did Trenton abuse the Stagefright exploit to gain access to Mobley’s Nexus?

Jaromir Horejsi, senior malware analyst: Yes! Trenton seems to have sent Mobley a link to a multimedia file or MMS message, which then causes Mobley’s Nexus to be compromised via Stagefright vulnerabilities. His compromised Android device connects back to Trenton, who, in this case, is the listener and is using listener.py, an application that listens for new incoming connections from infected devices. Stagefright affected about 95 percent of Android devices when it was discovered last summer and allowed hackers to exploit a set of vulnerabilities, which then gave them root access to a device.

Stefanie: How can people protect themselves from vulnerabilities like Stagefright?

Jaromir: It’s not always easy to protect yourself from vulnerabilities like Stagefright because system vulnerabilities require patches, which need to be created and distributed through the software producer.

In the case of Stagefright, disabling automatic retrieval of MMS messages could disable one potential infection vector, but other vectors, such as browsing websites with malicious multimedia files, were not mitigated by applying this measure. Google has since sent out a patch, so if you haven’t updated your Android software since last summer, I highly recommend that you do so now.

Always be cautious when opening files, visiting websites and clicking links that may seem suspicious, even if they come from a friend or a stranger like Trenton who you just met at a coffee shop. Whenever an update for Android or any other software that you use becomes available, you should always update!

An FBI agent, Susan, makes a surprise entrance at fsociety’s new headquarters, which also happens to be her home. Trenton gets into a confrontation with Susan, and she ends up hitting her head pretty hard, knocking herself out. Fsociety panics and hacks her PC and phone. They request to reset her Gmail password, which sends an email with a link to her Yahoo account so she can create a new password for her Gmail account.

Stefanie: It seems that fsociety having access to one of Susan’s passwords quickly turned into them gaining access to her other accounts. How can this happen?

Jaromir: As we saw, fsociety had access to Susan’s Yahoo account. This was linked to her Gmail account, so when fsociety requested a password change, the email was sent to her Yahoo account. This allowed them to change her Gmail password.

Stefanie: How can people prevent this from happening to them?

Jaromir: Two-factor authentication! When you log in to your email account or change its settings, a confirmation code is sent to your phone in the form of an SMS, voice call or mobile app. If all goes well, unlike in Susan’s case, the people trying to hack your account won’t have access to your mobile device and this will prevent them from being able to log into your account.

What did you think of the episode? Let us know in the comments below!

Image via: USA Network @whoismrrobot