Skip to main content

The Mr. Robot Hack Report: SIM cards and whistleblowers

The Mr. Robot Hack Report: SIM cards and whistleblowers


In which Elliot gets a Pwn Phone

Share this story

Mr. Robot is a show built on hacks. The mother of all hacks serves as the big cliffhanger at the end of the show's first season, and nearly every plot development leading up to it was nudged along by some kind of exploit. It’s rare to get through an episode without at least one digital intrusion, often drawn from real life. Each week, we'll be running through Mr. Robot's C Y B E R activities — who got hacked, why, and how much magic would be required to make them actually work.

* * * S P O I L E R S F O L L O W * * *

It’s starting to feel a lot like the end of the season, right? We’ve still got three episode left but pieces are starting to fall into place, with Joanna making an unexpected house call, strangers knocking on doors, and Whiterose increasingly willing to take out CEOs who have lost her favor. We still don’t know where Tyrell is or what Stage 2 is, but it seems like we could find out pretty soon!

Of course, the FBI and the Dark Army are still both closing in, but we’ve also got Elliot back in Robot mode, so there’s plenty to dig through.


The most impressive hack comes when Elliot decides he wants to listen in on the Dark Army, first by shaking up Zhun in an admittedly weird library meeting (you have to be quiet in the library!) and then by planting a nasty spyware program on Zhun’s phone, allowing him to listen in through hacked phone’s mic.

You can buy a Pwn Phone for $1,300 if you have the money

Spyware programs like this are very real. Researchers found a particularly nasty one targeting the iPhone just last week, which triggered a frantic patch from Apple to fix the associated vulnerabilities. If you can install a malicious program on someone’s phone, hijacking the microphone and camera are among the first things most spyware programs do — and generally, they’re able to do it without much of a problem. The tricky part is just getting the program on the phone in the first place.

So…how does Elliot get his spyware onto Zhun’s phone? This is where it gets tricky.

We start with Elliot getting a new toy, a Pwn Phone with access to more than 100 different exploits. It’s a real thing! You can buy one here if you have $1300 to spend on such things. The only caveat is, the hack Elliot uses isn’t on the real-world version of the phone. He opens up a program called CrackSIM, which he seems to have coded himself.

The Mount Everest of phone hacks

As the name suggests, Elliot is going after Zhun’s SIM card, breaking in with a phone SMS and then using the SIM’s authority to delete the initial SMS and plant the spyware. This is an attack a lot of people suspected the NSA of pulling off after the Gemalto hack last year — but Elliot’s task is even harder. The NSA had the SIM keys because it stole them from Gemalto, something Elliot (presumably?) hasn’t done. As a result, he needs to get through to the SIM card from the phone’s operating system.

That’s totally possible, but it’s really hard — basically the Mount Everest of phone hacks. A researcher named Karsten Nohl gave a whole Black Hat talk in 2013 on exactly how you’d do it. Of course, his answers involve either months worth of brute-force cracking, spending $100,000 on a cloud computing cluster, or doing a year’s worth of computing up front and keeping the result on a very large hard drive. But for the sake of the plot, I think we can assume that Elliot has found a simpler way in with CrackSIM.


While Elliot’s doing all that, Angela is living the Karen Silkwood dream by stealing files from her boss and running up against possible regulatory capture issues at the Nuclear Regulatory Commission. Environmental regulations! Intrigue!

I’m making fun of this, but I do want to note that lots of people do this stuff in real life, and they’ve presented a much more meaningful counterforce to the evils of capitalism than groups like Anonymous usually do. So pour one out for the whistleblowers like Angela! Hug a plaintiff today!

Pour one out for the whistleblowers

For our purposes, the most important thing about Angela is the reappearance of the Rubber Ducky, the booby-trapped USB drive she got from Mobley when they were planting the femtocell back in episode 5. As Mobley said at the time, all you have to do is plug the Ducky in and let it work. In this case, Angela unsheaths the Ducky so she can push a trigger button, but that’s really all it is. Once she has the passwords, she just logs into the boss’s machine and moves the files over to another USB stick.

In this case, the absence of a more complicated hack might be the most important part. Angela isn’t taking any precautions to hide what she’s doing, so if an IT person happens to check whether anyone’s copied the "NUCLEAR SECRETS" folder in the past few weeks, they’ll see someone copied it to external storage from her terminal, while logged into her boss’s account. That’s pretty incriminating! But hopefully no one checks?

That’s all the haxxx (hacks) for this week, but I’ll be back next week even as the Digital After Show takes a one-week hiatus. As always, let me know if there’s anything else you’re curious about from the show — and if you need to leak any incriminating information about your evil corporate employer, you know where to find me.

Disclosure: NBC Universal, owner of USA Network, is an investor in Vox Media, The Verge’s parent company. Additionally, we are an independent editorial partner in the Mr. Robot Digital After Show hosted by The Verge.