Tv5Monde revealed his own passwords in an interview

Pierluigi Paganini April 10, 2015

A TV5Monde staffer accidentally revealed a password used to access the social media account of the broadcaster in an interview.

Following the successful attack against the network of the TV French Channel TV5Monde, law enforcement and French Intelligence started to investigate the attach chain.

Investigators speculate that one of the possible way hackers obtained credentials for systems at TV French Channel TV5Monde is the view of an interview that accidentally revealed the precious information.

While a TV5Monde reporter was filming David Delos in front of a staffer’s desk, it was visible in the background a paper reporting a list of usernames and passwords.

“In an interview with French news program 13 Heures, TV5Monde reporter David Delos unwittingly revealed at least one password for the station’s social media presence. That’s because he was filmed in front of a staffer’s desk—which was smothered in sticky notes and taped index cards that were covered in account usernames and passwords.” reported ArsTechnica.

TV5Monde hacking password revealed

The passwords visible in the video interview are related to Twitter, Instagram and YouTube accounts. The  YouTube password was very easy to read, it was “lemotdepassedeyoutube” (Its translation is “the password of YouTube”).

In a different video it is visible a Post-it attached in front a monitor that reports the password “azerty12345” used on the main server hosting the website and other data of the TV5monde broadcaster.

TV5Monde hacking password revealed 2

TV5monde managers are talking about a prepared, powerful and coordinated attack, but honestly, this type of password doesn’t require any specific expertise to crack it, being easily crackable also by an amateur.

There is a moral lesson to take from this story, and the message is that even if you heavily invest in security measures to protect your assets, you continue vulnerable to human error, with social engineering.

Humans are the weakest link in the security chain.

About the Author Elsio Pinto

Elsio Pinto is at the moment the Lead Mcafee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog http://high54security.blogspot.com/

Pierluigi Paganini

(Security Affairs –  Tv5Monde, hacking)



you might also like

leave a comment