NBC's report about “instant hacking” of laptops and Android phones in Sochi exposed as media hoax

If you are to trust NBC, your privacyconcerns while visiting the impending Sochi 2014 Winter Olympicsdon't end with having to use the now-infamous double toilets. Thisreport, aired in prime time on Feb 4, begins with a statement thatAmerican tourists "should have no expectation of privacy, evenin their hotel rooms" - those are the actual big, scary words.

It proceeds to show how a MacBook andan Android phone download "malicious malware" the momentthey get connected to Russian Wi-Fi; goes on to have a Kaspersky Labsrepresentative confirm (out of context) that Sochi's "hugeinfrastructure" is a "hacker minefield", and cuts tosomeone running "specialized hacking software" - a Ubuntuterminal. Suddenly, prime-time TV viewers are sucked into watchingone of those laughable 90's "hacker movies", amplygarnished with a spoonful of Cold War-era Russian phobia!

As our technology media comrades putit, this report is so misleading that one almost doesn't know where to begin with discussing it. Unfortunately, the computer and media-illiteratepeople of the general public could easily fall for the nonsense inNBC's news piece. Thankfully, Robert Graham of Errata Security, acollective always willing to disrupt a bogus hacking story andprovide an honest perspective on cybersecurity, stepped in with aquick, cold breakdown of the report.

All of what you saw represented as athreat to foreigners who dare browse the Internet in Socchi, isdeliberate and "100% fraudulent". The "hacking"in the story boils down to visiting sketchy Olympic-themed websitesinfected with malware - sites visible from all corners of the world. Moreover, in the report, which is entirely centeredon cybersecurity risks present in Sochi, the devices are actuallyoperated in a Moscow cafe - and that's made clear in the verybeginning. What is going on? Terrible storytelling is the shortanswer.

The scene in which the Android phonegets "hacked", is acted out in the same way - by allowing adownload of an infected .apk from a malicious Sochi-themed website.This is something any user can do everywhere, willingly, if he'sfeeling adventurous.

Kyle Wilhoit, the "top Americansecurity expert" from the report, is a Trend Micro threatresearcher who is being impressively professional about hisinvolvement in the compromised news piece. Hetook to Twitter and explained that all the editing and TV-magic"got the best of the story". It appears all the importanttechnical discussion was cut away to make an "interesting newsreport".

The final summation is that NBC triedto engineer a public scare by sweeping the relevant backgroundinformation under the rug, while presenting the most "impressionable"quotes from security experts out of context. What it ended up doingis a prosaic example of dated media brainwashing.

source: ErrataSecurity via AndroidCentral