As a promotional gimmick, StrongWebmail CEO Darren Berkovitz's Web offered a $10,000 prize to anyone who could break into his email account. He even gave them the account username and password because he believed that the voice-based identification technology sold by its parent company, Telesign,would protect him.
Well, it took only days for the hackers to break in and claim the prize. The hackers found the Web flaw within a minute, Secure Science chief scientist Lance James told IDG News, and then
spent about six hours perfecting their attack.
"They did it using an XSS script that took advantage of a vulnerability
in the backend webmail program," StrongWebmail said in a statement. StrongWebmail said it was "not deterred" by the contest's quick
conclusion and would be launching a new competition once this bug was
fixed, IDG reported. "We won't rest until we have created the most secure email in
the world," the company said.