Hacker Finds Vulnerability In Mr Robot Website

Irony reloaded : Mr.Robot website has a serious XSS vulnerability

The man who teaches the world the dangers of hacking is himself vulnerable to cyber attacks. This was revealed by a white hat hacker on Tuesday who found serious vulnerability in Mr.Robot website.

The hacker whose handle is Zemnmez, found the flaw on the new website for Mr Robot, the hit USA Network show. Zemnmez said that the vulnerability easily allows him to to pwnย fans of the show visiting the website, tricking them into giving over much of their Facebookย account details.ย 

Zemnmez said that shortly after a quick note to Mr Robot writer Sam Esmail, the vulnerabilityย patched by the administrators.

The website in question, whoismrrobot.comย had a seriousย vulnerability, known as a cross-site scripting (XSS) flaw. Zemnmez found the vulnerability theย same dayย Mr Robot kicked off a promo campaign for the second series, airing on July 13th.

The launch itself was pretty impressive with a hacked voice over video of President Obama condemning a destructive attack launched on the US financial system at the end of the first series, and a website,whoismrrobot.com, mimicking a mix of Linux command line and IRC chat.

Mr.Robot has been lavishly praised by all including hackers who often bemoan the films and TV serials for showing them as nerds or super humans who are able to do anything by clicking enter on a keyboard. The TV serial has beenย relatively accurate in its portrayal of hacking, which makes it even more interesting.

Zemn immediately sought to disclose the weakness on Tuesday Mayย 10th, but could find no suitable contact on the website. FORBES pointed him in the direction of Esmail, whose contact information could be found in old domain records. USA Network owner NBC Universal confirmed later that the website had been patched.

Read More

Suggested Post