Security

John McAfee: Ashley Madison hack may ‘destabilise society’

Oh yeah, and I hacked it again myself, it was easy peasy

Wildcard former securityware kingpin John McAfee reckons the Ashley Madison adultery-site hack threatens to "literally destabilise society", and was definitely the work of an individual acting alone.

For reasons that no doubt seem good to him, he said he has also breached the site again himself.

The one-time Guatemalan trinket peddler's pronouncement follows his earlier judgment that May's Adult Friend Finder hack was "one of the scariest hacks since the existence of computers".

That title, in McAfee's mind, now clearly belongs to the breach of Ashley Madison. He made his latest assertion using popular blogging platform and IB Times.

Portraying himself as somewhere between giggling and despairing at the Ashley Madison events, less than 24 hours after the breach McAfee decided to find out how difficult it might be to penetrate the infidelity institution once again.

From the comfort of his own bed, he claims, he called Avid Life Media, Ashley Madison's parent company which also runs the Cougar Life and Established Men websites. These "were all hacked" he reminded readers. "So we are really talking about 50 million people, not 37 million."

Phoning around and compiling the names of the the IT department head and those of the head's inferiors, McAfee rang each until he found a number which did not provide an answer, which, he wrote, offered him a key social engineering opportunity.

I called the corporate headquarters back and agitatedly informed them that I had an urgent legal matter with that person and that I must immediately speak with his assistant or secretary, and that only they could help me.

Without question, and immediately, I was connected with his secretary. I posed as a member of an international enforcement agency – that does not really exist, by the way – and implied that her boss might have been involved in the recent hack and I needed to verify that she really was who she said she was.

Within 30 seconds of saying hello I had both her password and her boss's password written down.

McAfee claims to have thrown both passwords away and to have no intention of doing anything with them.

Sponsored: Global DDoS threat landscape report

Next page: Loner moaner