9 Comments
Jul 17, 2020

The NYT article you linked quotes an intelligence agent who does not think it was a state actor: "But its nature — 'effective, but also amateurish' in the words of one senior American intelligence official — led American intelligence agencies to an initial assessment that this was most likely the work of an individual hacker, not a state."

author

Yep. Re-reading it, I clearly missed that bit. Will amend accordingly. (If you DM me your email on Twitter, I'll send you a bounty. Else let me know your preferred charity and I'll make an online donation.)


Thanks for the response, I appreciate your policy. If you can, I'd appreciate a donation to the Alameda County Community Food Bank:

https://www.accfb.org/

author

Sent them $25 USD just now. See receipt screencap in log here:

https://docs.google.com/document/d/1lBdi2hBil09BUhh47jv8wUXtAjguUtR3Guo76db8HwI/edit

Thanks for keeping me honest!


Hi Jeremy, social engineering refers to tricking an employee into giving up access. The two hackers bribing an employee scenario is essentially the same thing; in both cases an insider would have given up system access to an outsider. So IMHO for your point #2, these two scenarios are reconcilable.


"Would a party who went through all that work throw away their gained advantage on something so relatively trivial as $100-200k?" It may not have been thrown away. There may well be back doors hidden behind. This was a public humiliation and a demonstration that the hackers may have the power to do it again. At the same time, the behind the scenes political fallout is huge, we have the makings of another Wikileaks style bomb... but no one yet knows where it's targeted.


What about direct write to the database? It was my first thought and would explain why they couldn't shut it down within accounts, and greatly simplifies posting to multiple accounts (vs access). Basically a sophisticated spoof.

author

Hmm. I guess it's not impossible. Recovery emails could have been misdirected. That said, hard for me to get a sense of this without understanding their internal architecture better.
