Home > Computing > Catch hackers in the act with LogMeOnce Mugshot

Catch hackers in the act with LogMeOnce Mugshot

LogMeOnce has announced a new feature for its password manager software that claims to track the location of someone trying to gain access to your account without permission, even taking a photograph of the intruder.

The new feature, dubbed Mugshot, takes some cues from smartphone apps like Lookout Theft Alerts, which can be activated remotely if your phone is ever stolen, and used to turn on the camera and snap a photo of your thief.

LogMeOnce’s Mugshot tracks unsuccessful log in attempts on your account, then takes a photo of the “hacker,” logs their IP address, GPS location, and adds a timestamp before emailing all of this over to you without the intruder knowing.

“Mugshot is like an alarm system for your digital property,” said Kevin Shahbazi, LogMeOnce CEO. “The technology creates a digital fence around your account to detract hackers from entering. For those hackers willing to hop the “fence,” an alarm is set off and action is taken so users can have a clear understanding of who is hacking them and where the threats are coming from.”

But how exactly does this work? If you’re trying to access someone’s LogMeOnce account, possibly to gain access to their passwords and other accounts, you’ll be required to install the browser extension or mobile app. By downloading, this grants the software the function to use your webcam and record your location data. The log-in screen, for both computer and mobile, offers up this warning beforehand.

log me in page

In one case study, a LogMeOnce user was alerted to suspicious log in activity on his account that was traced to the Philippines. Mugshot sent the user a report with details like a photograph, GPS coordinates, and IP address. LogMeOnce provided a redacted copy of the report. Here’s a sample:

mugshot-1

This isn’t a perfect solution. Once the hacker or intruder is alerted to the fact that a photo may be taken of them, they can obscure themselves. Secondly, most malicious actors will be wily enough to obscure their location data wherever possible, especially if they’re really dedicated to hitting this account.

“We are notifying users that this is not an easy target. So, if you want to hack, then you need to put on a ski mask, sunglasses, and figure out how to mask your IP address and geo data. With such deterrence, the majority of hackers are filtered out and move on to another user who is not protected by LogMeOnce,” Kevin Shahbazi told Digital Trends.

Mugshot is just one of the new features in the latest version of LogMeOnce. The update also adds functions for importing data from other password managers, increased password security controls, and support for managing access for routers, workstations, servers and databases from one platform.