Black Hat events say that suspicious email was due to volunteer's mistake
Delegates attending this week's Black Hat conference in Las Vegas have reported recieving a suspicious email.
Approximately 7,500 delegates received a registration email from ITN International which contained a URL and the subject line ‘your admin password'. According to organisers Black Hat events, ITN is handling on-site registration and check-in systems at this year's show and ‘some idle hands browsed their way to a screen'.
Trey Ford, Black Hat general manager, said that this was due to an ‘abuse of functionality by a volunteer who has been spoken to' and having reviewed the server logs, it has spoken with the volunteer who has emailed each registered delegate.
Ford said that Black Hat loves ‘to tease people that your systems need to be ready to hold their own if joining the Black Hat network and in this frame of mind, the community very correctly expected a prank or act of malice'.
An official statement read: “Our most valued assets at Black Hat are our delegates and their privacy. We work very hard to maintain that. We want everyone to come to Black Hat to learn and enjoy their time without fear of having their personal or professional information compromised. We are happy to report there are no signs of compromise.”
The email caused the term 'BlackHatphish' to trend on Twitter yesterday, with some asking who had received or seen the email. Richard Bejtlich, chief security officer at Mandiant and blogger at TaoSecurity, said that he was going to use it as an example of how to handle real phishing incidents in his presentation.
Paul Ducklin, head of technology for Asia Pacific at Sophos, said that this was suspiciously ‘phishy' as it was a plain-text email allegedly containing a password, included a login link and a link in an email to a site other than Black Hat, and it was from an organisation other than Black Hat.
He said: “As Black Hat has just been reminded: you can't outsource your accountability. The volunteer's behaviour doesn't explain away the phishiness factors listed above. It sounds as though the Black Hat conference might indeed have sent you an email of this sort. Just not this one.
“How about your organisation? Could you have made a blunder like this? If so, now would be a good time to revisit your policies and procedures surrounding mailing lists and email blasts!”