StrongWebmail CEO’s mail account hacked!



The History: StrongWebmail offered $10,000 reward to the person who breaks into their CEO’s email. To show their strength and belief in their product, the CEO even provided his user name and password (CEO at; password= Mustang85).

Official words: “ is offering $10,000 to the first person that breaks into our CEO’s email account…and to make things easier, we’re giving you his username and password.  There’s just one catch: to access a email account, the account’s owner must receive a verification call on his pre-registered phone number. So even though you have our CEO’s username and password, you still have some work to do because you don’t have access to his telephone.”

Check out the contest rules here.

As of Today: [StrongWebmail CEO’s mail account hacked via XSS]

A trio of hackers successfully compromised the e-mail using persistent cross-site scripting (XSS) vulnerability and are now claiming the bounty.

The hacking team of Aviv Raff, Lance James and Mike Bailey set up the attack by sending an e-mail to the company’s CEO Darren Berkovitz.   When he opened the e-mail, the team exploited an XSS flaw to take control of the account.

The screenshot of the hack are available in TwitPic : Screen Shot 1, Screen Shot 2.

Result: Whether the hack was good or not for the company’s business that for the future to tell. On the positive side the StrongWebmail got some media coverage/publicity. I can bet most of the readers would have never heard about StrongWebmail before but now you do! (Read FREE Publicity)

Popularity: 1% [?]


One comment for “StrongWebmail CEO’s mail account hacked!”

Ads by Google

On Facebook

Bawaal on Facebook