I'd be willing to fork up the $150 to see if they could hack into my own Gmail account. Seems like cheap penetration testing. Pointing them toward myself should be legal as well. So who do I pay?

In fact Google should be paying them to hack honeypotted accounts and see what they try.

A year ago a "friend" of mine hired a Russian hacker, just for a joke, and he hacked my Gmail, Twitter and Facebook accounts. And the passwords were random 10 characters or something like that. He hired the hacker on free-lance.ru.

Any more information to this story? Do you know how they did it?

I'm sorry, but I don't know how he did it. I was surprised when I saw that I couldn't log in to my Gmail account. I thought that it was impossible for someone to hack my Gmail account, because Google is a big company and they should have some good code there. But it's possible. That day my friend sent me my new password by SMS and said that it was a joke.

If you want to hire someone, go to free-lance.ru, in the left menu select web programming (Веб-программирование), then security (Защита информации), and hire someone. Some of them will do the work; if not, they know someone who can do it.

> I was surprised when I saw that I couldn't log in to my Gmail account.

If you couldn't log in, he did it by guessing the answers to your security questions based on other stuff he could find out about you online, and resetting your password (possibly resetting or taking control of your backup email account that you had your new password set to send to; you should check all that stuff).

Question is, will they divulge the method they used to hack your site, and if so, can you trust them to tell you everything?

You're seriously wondering whether or not someone is going to trust their secrets and the source of their income with a complete stranger, and further pondering whether or not you can trust an anonymous criminal?

I'm sure they won't disclose their know-how. Not for $150.

Just get two guys to do it and see how their stories correlate.

You say "passwords": were they all the same password, or was your Gmail password unique to Gmail?

They were unique strong passwords.

That's a good point: why are these guys doing this stuff illegally for pennies when there are probably plenty of companies out there who would pay them decent money for a proper pen test?

Probably because hacking into a Gmail / Facebook / Twitter account is usually done by gathering information about the victim by social engineering, and then tricking the "lost password" form to get into the account.

Remember the guy whose MacBook, iPad and iPhone got wiped through iCloud?

