The Mr. Robot Hack Report: Bitcoin burglary and self-destructing hardware
Mr. Robot is a show built on hacks. The mother of all hacks serves as the big cliffhanger at the end of the show’s first season, and nearly every plot development leading up to it was nudged along by some kind of exploit. It’s rare to get through an episode without at least one digital intrusion, often drawn from real life. Each week, we’ll be running through Mr. Robot’s C Y B E R activities — who got hacked, why, and how much magic would be required to make them actually work.
* * * S P O I L E R S F O L L O W * * *
It’s been a bad week for fsociety. Elliot is still out of commission, glitching out in the pastoral refuge of Queens. Romero is dead, Mobley and Trenton are on their way out the door, and for the first time in the series, it looks like law enforcement might actually catch someone. The episode ends with special agent and devoted Alexa owner Dom DePierro stumbling onto fsociety’s Coney Island HQ, the first solid lead of the season.
But despite Elliot’s digital detox, the episode still managed to fit in a few good hacks, ranging from a booby-trapped computer to a catastrophically insolvent Bitcoin bank. So let’s see how they stacked up!
The wallet is too hot
In one of the episode’s most ominous scenes, Craig Robinson’s Ray and a friend try to convince a badly beaten developer into restarting his Bitcoin service. Every time he starts it up, he explains, someone steals a bunch of money and crashes the server. The whole thing needs to be migrated to a new server and protected through rotating system of hot and cold wallets, which he’s not sharp enough to do on his own.
For anyone involved with Bitcoin, this scenario is so realistic it hurts. We’ve got all the familiar signs here: a naive developer playing with code he doesn’t understand, savvy thieves exploiting the vulnerabilities he doesn’t understand, and finally a squad of angry criminals descending on him for screwing up their meal ticket. Unfortunately, this sort of thing happens a lot — although physical violence is, as far as I know, still fairly rare.
The obvious comparison is Mt Gox, which flamed out spectacularly in 2014, leaving as much as $400 million in bitcoin missing in its wake. But while it’s the biggest bitcoin theft, it’s far from the only one, and similar thefts have hit both BitStamp and Ethereum’s DAO. Smaller-scale thefts have also happened on more conventional exchanges like Coinbase. In each case, it’s taken a lot of technical help to pick up the pieces.
When a theft is big enough to bring down the entire marketplace, there are often a lot of angry criminals in the wings. The Silk Road and its successors were great places to sell drugs, and bitcoin is still the preferred currency for ransomware attacks. But you can’t make money if you can’t keep your wallets safe, so closing the bank usually stops the rackets, too. It’s not clear exactly what scam Ray is running and where it will go, but for now, the interesting thing is that Bitcoin — particularly the drugs-and-robbery side of Bitcoin — is at the center of a potentially major plotline.
Fire in the CPU
As the FBI starts to investigate Romero’s death, we get a reminder of just how good he was at covering his tracks. When the agents plug in his computer, it literally bursts into flames, just moments after DiPierro asked if they’d checked the ports for booby traps. This is what happens when you don’t listen to women!
This turns out to be a scenario that real-life hackers worry about all the time, and they’ve built lots of clever programs and devices to wipe a computer if it falls into the wrong hands. My personal favorite is a 2009 project called DECAF, so-named because it’s designed to nerf the COFEE forensics suite used by the FBI. There are also USB keys that will fry your computer into oblivion when you plug them in — and it’s easy to imagine the same system on a port rather than a stick. There are also self-destructing computer chips (courtesy of DARPA) and file structures that will delete your data if it falls into the wrong hands.
Of course, none of those will make flames shoot of your fan vents. The most I could find on that was someone on Quora who suggested lining your hard drive with thermite, which seems like a wildly bad idea. With any of these systems, there’s a very real chance of accidentally blowing up your own computer and possibly yourself— but I suppose fsociety is used to living on the edge?
R u a phreak
This isn’t really a hack, so much as some extremely vintage jargon that I simply could not ignore. In the cold open flashback, we see Mobley tempting Romero back into fsociety by saying that the group needs a phreaker, and he’s the best one around. There’s an Ocean’s Eleven vibe to the whole thing, which is particularly effective because “phreaker” sounds so cool.
As true ’90s kids know, phreakers specialized in breaking into the private networks run by the phone company, typically by masquerading the clicks, and beeps of a phone. It’s a fascinating chapter in hacking history, but most historians would tell you it peaked in the ’70s. (http://www.historyofphonephreaking.org/faq.php) As the old copper networks are replaced by fiber optics, most of the classic phreaker tricks have stopped working. Modern phones are just computers sending data over strands of glass like every other computer, and while you can still totally hack them, it’s not really phreaking in the classical sense.
That’s not to say Romero couldn’t be an expert phreaker! He’s old enough and could have spent years honing his skills. But what job is Mobley going into that requires hacking through a Clinton-era copper network? Or maybe the flashback was taking us a lot farther back than I thought?
As always, I only covered the hacks that jumped out to me, so let me know if there’s anything else that left you scratching your head, either in this episode or in the show more broadly. And if you’re curious about the rest of the show — like who killed Romero, what’s up with DiPierro’s Alexa, and where Tyrell has been this whole time — check out the Mr. Robot Digital After Show, embedded above. Otherwise, see you next week!
by 