FYI.

This story is over 5 years old.

Tech

The Time I Got Hacked in a Lisbon Bar

This whole story is a long way of introducing myself to you, dear Motherboard reader.
​Image: Flickr, ​Pedro Ribeiro Simões

Lorenzo is Motherboard's new hacking and infosec reporter. Formerly of Mashable and Wired's Danger Room, he's an excellent reporter and we're very glad to have him aboard. I asked him if he'd write an intro post for himself, and it's rather fitting. — Derek Mead

I was sitting in a dark Lisbon bar, sipping cheap Portuguese beer with some friends when I first got hacked.

It was 10 years ago, the summer of 2005. I was in Lisbon for my first dude vacation with a bunch of friends. At the time, I was the proud owner of a Nokia 7650, Nokia's first—and then incredibly cool—sliding phone. I'm not sure you could call it a smartphone, but it was definitely a step ahead of the previous generation of cellphones. It had a color screen (!), a camera (it was Nokia's first camera phone too!), and you could hang up by sliding it closed, which made ending unpleasant phone calls that much more satisfying.

Advertisement

It was our first night out and we headed to a random Irish pub just a few hours after landing, and for whatever reason, we were bored.

In 2005, it was rare to have an internet connection on a smartphone, so the way I sent pictures to my friends while wasting time in class was using Bluetooth. Whenever I was bored, I'd always check to see which Bluetooth devices were around me.

That's what I did that night. And as soon as I turned on my Bluetooth, another phone sent me a file that seemed to be an installer for a video game.

"Cool," I thought. "Someone is challenging me to a virtual battle."

That wasn't a videogame—it was malware. And I got hacked with it.

How wrong I was. That wasn't a videogame—it was malware. And I got hacked with it.

The installer did not install a game, but it didn't (at least apparently) do anything else either. But then, a couple of weeks later, my phone began to reboot around midnight every once in a while. Whenever it restarted, the screen would flash in a weird way for a few seconds, and then, everything would come back to normal.

I went to a phone store and they told me what I already suspected: It was a virus, perhaps a self-replicating worm since my phone tried to send it to other Bluetooth-enabled phones in the vicinity.

At that point I installed an antivirus app (I really can't remember which one), but it didn't really do anything.

I never found out what that virus actually did, and I got rid of my Nokia 7650 a few months later. But looking back, I now finally realize that (most likely) harmless hacking incident was probably the seed that spawned my obsession with cybersecurity, or as it should be more accurately called, information security. You know: infosec.

Advertisement

In the years after that annoying virus, I became a sucker for stories about hackers and digital freedoms, which are now increasingly restricted with the use of malware. During law school, I was also fascinated by the whole WikiLeaks saga, which was fuelled by a hacker who had founded a scrappy organization to free the world of secrets.

In the last year and a half, as I became obsessed with the NSA revelations, I also became a little paranoid, which is OK—you should be a little paranoid too. That pushed me to learn about encryption and all the ways you can protect yourself online.

But as one security researcher told me once, "if it's connected to the internet, it can be hacked." And guess what, everything from fridges to watches and gas pumps is getting connected.

This is now part of everyone's lives. It's a cliché, but it's true. We're all going to be hacked someday, it's just a matter of time. So it's important to understand how this could happen, and how to best protect ourselves.

In hindsight, it might have been that stupid mistake (don't accept app installers from strangers) that eventually led me here to Motherboard.

So yes, this whole story was a long way of introducing myself to you, a Motherboard reader.

You'll be reading more from me in the future, and I promise I don't have any other "I got hacked stories." (Either nobody is hacking me or they're so good I'm not noticing it.)

But I'll have a lot of other stories on how governments are using hacking or other subter​fuges to monitor citizens' online activities (in fact, here's a recent example), how researchers are probing the security of all kinds of software and hardware, and how technology is restricti​ng—or trying to enhance—our freedoms.

If you have any tips or ideas, feel free to reach ​out.