‘White hat hacker’ talks directly to man through his Nest cameraDecember 20, 2018
‘White hat hacker’ talks directly to man through his Nest to inform him that the security camera was compromised after his password leaked online
- Andy Gregg was startled when he heard a voice coming from his Nest camera
- The voice said they were a researcher from the Anonymous group in Calgary
- Said he wanted to inform Gregg that his security camera could easily be hacked
- Hacker said he had no malicious intent and told Gregg to change his password
A Phoenix man thought he was getting robbed when he first heard an unfamiliar voice inside his home.
But Andy Gregg was even more startled when he realized the voice was coming from the Nest security camera he had installed at his front window.
The voice informed Gregg that the very camera he installed to make his home more secure had actually been compromised after his password was exposed online.
Gregg had been hacked.
Andy Gregg, of Phoenix, recently discovered that his Nest camera had been compromised after his password was exposed online. He was informed not by Nest, but by a hacker
Nest Cam security cameras are connected to cell phones and provide 24/7 live streaming as well as a built-in speaker and mic so you can hear what’s happening at home and talk to family, children, or intruders.
This hacker assured Gregg that he had no ‘malicious’ intentions by accessing his Nest. He was actually a ‘white hat hacker’, a computer security specialist who hacks into protected systems and networks to assess their security.
‘Please, please don’t be scared or frightened,’ the voice told Gregg before explaining he is a researcher from the Anonymous group in Calgary, Canada.
The man recited a password that Gregg had used for multiple websites and then said ‘I’m here to help you’.
‘We’re white hats, we don’t have any malicious intent,’ he added. ‘I just wanted to tell you so that you can change your password before someone tries to hack you and do something malicious.’
Gregg then asked if the man could see where he lived.
‘I don’t know where you live right now but if someone was really that dedicated, they could geolocate an IP [address],’ the white hat explained.
‘They could see when you’re home. There’s so many malicious things someone could do with this.’
A ‘white hat hacker’, a computer security specialist who breaks into protected systems and networks to test and assess their security, had accessed Gregg’s Nest. Pictured is a file photo of a Nest Cam IQ outdoor security camera
When Gregg asked how the hacker knew he was home, the white hat said he just got lucky.
‘To be honest, I didn’t know you were home,’ he said. ‘I’ve been logging into accounts and I could just hear some movement so I figured I’d ask if anyone was there.’
‘I was almost not going to say anything and wait until tomorrow during the day, but I figured I might as well tell you as soon as I’m in before someone else tries to.’
The hacker advised that Gregg change his password and use Nest’s two-factor authentication option.
‘Even if someone does get your password, they can’t do what I did and login,’ he explained.
He also revealed that Gregg could Google ‘Have I been Pwned’ and find out everywhere his password was leaked.
‘Well damn, that’s actually insane,’ Gregg replied. ‘Thank you for letting me know and I appreciate you doing it, a little bit of a wake-up call.’
Gregg heard the hacker’s voice speaking to him from the Nest he had installed at his front door (the blue lights are coming from the Nest camera while the hacker speaks)
The hacker revealed that while he couldn’t immediately find out where Gregg lived, it would have been easy to ‘gelocate an IP [address]’
‘Have a good night man,’ the hacker responded. ‘Again, I’m sorry if I freaked you out. You’ll never hear or see from me again.’
Gregg said that, after the incident, he is giving up the Nest.
‘I am going to get rid of the camera entirely. I mean the best form of security, in my opinion, is a dog,’ he told KSAZ.
‘I’m going to kidnap your baby, I’m in your baby’s room’:…
‘I don’t know how long someone’s been watching me’: Mother…
Share this article
Nest reiterated in a statement that users should set up two-factor authentication to add ‘another layer of account security’.
‘We have seen instances where Nest customers have reused passwords that were previously exposed through breaches on other websites, and made public,’ a spokesman said.
‘None of these breaches involved Nest. We are proactively alerting affected customers to reset their passwords and set up two-factor authentication.’
Source: Read Full Article