Welcome to Sochi. Bam, you’re hacked. How real is this scenario?

A video warning all Sochi Olympic visitors that their electronics will be immediately hacked as soon as they turn them on has been circulating widely. The video is below.

There is a lot to digest here. First, there’s the alarming open:

As tourists and families of athletes arrive in Sochi, if they haven’t been warned, and if they fire up their phones at baggage claim, it’s probably too late to save the integrity of their electronics and everything inside them.

Yikes. Can this possibly be true? At first blush, this sounds like an incredible overreaction. This report was filed by NBC’s Brian Williams and Richard Engel, not some novice journalist. There’s background assist from Kyle Wilhoit, a Senior Threat Researcher at Trend Micro.

Jump to about 1:13 in the video to watch Engel open a brand new MacBook Air. Made me want to cry. Doesn’t give me a lot of hope that these two know what they are doing. But I digress.

The team went to a local Wi-Fi hotspot and fired up a smartphone. Immediately, they saw a downloading message. Clearly an Android phone. Wilhoit concludes that they are being hacked, that malware is being installed on the phone. Wilhoit does not say how he knows this, just that it’s malware. I’d like to know more. Could it be an update? Perhaps a file the phone needs to deal with an unknown carrier?

Next, the team heads back to the hotel, where they had left two brand new computers up and running. One of them was a brand new MacBook Air (with a horribly mangled box). As the video says, the hackers came sniffing around within minutes, and within 24 hours they had taken over both computers.

Again, I’d really like to know more. Did they leave both computers in their default state? Did they enable any firewall or take any steps to protect the computers? Were the computers purposely made easy to penetrate?

You can read about Wilhoit’s techniques here (thanks to Steve Hayman for the link). While interesting, much of the background is missing. He promises more tomorrow.

If I were traveling to Sochi, I would heed the advice in this video and leave any important data at home. Assume that the contents of your smartphone and computer will be copied while you are there and only take what you can afford to have taken.

I look forward to learning more about this scenario.

UPDATE: Follow this link for a far less edited version of the video. They were purposely careless. The phone is a Samsung Android phone. They followed a URL that led to an apk file and knowingly downloaded the unknown application. True, many people would do that, but anyone with even a slight bit of tech savvy would know not to do that.

Next, they purposely opened an unknown email attachment on their computer. Yeesh. I call BS on the whole report. Disappointed in NBC.

  • Carlos

    I watched the video yesterday and it looked pretty strange to me. Few details and a very sensationalist tone. To me it seems an attempt to sell antivirus and security software.

  • Odi Kosmatos

    If it can happen in Russia it can happen here. We’re on the same ball of dirt. I call B.S.

    • JohnDoey

      That’s not strictly true. The difference is not US versus Russia, but rather your home country versus a place where you are a visitor.

      Even if you travel only a few kilometers from Detroit, Michigan, USA to Windsor, Ontario, Canada — possibly the mildest of all international travel — that means an entirely new set of phone carriers, commercial Wi-Fi providers, regulations, law enforcement agencies, currency bills and coins, banks, credit card processors, and official languages. While you are dealing with all that complexity, you’re an easier target than you are at home, performing comfortable routines.

  • gjgustav

    Over on Reddit, he claims some sketchy antivirus software was installed on the MacBook. So some non-standard activity was performed.

  • Stig

    On first boot, I believe OS X enables screen sharing and SSH login. This is to make it easier to set up new machines without a screen. With the firewall off (default setting), and a weak password – not hard to get access.

    • JohnDoey

      But that is apparently not what happened. They opened up spam email attachments.

  • James Hughes
  • JohnDoey

    It’s like they set out to show that you will be immediately mugged in Sochi, and then they went out walking in the worst neighborhood, late at night, with money hanging out of their pockets, flashing a Rolex around, and then they got mugged.

  • mikey

    While it’s easy to jump to the “only an idiot would use a computer the way they did” conclusion, we must remember that the most popular password, 12345, was replaced this year by 123456. So this video may be reaching a pertinent audience.

  • Disappointed in NBC.

    Why? You expected better from them? Why?

    It’s as if you have no prior experience with the network!