This year’s string of hacking crimes has put many people and corporations on guard, as people are wary of losing critical company information or having money stolen from their bank account. However, one myth that needs to be debunked is that all hackers are geniuses. In reality, they are just average folks who are just as smart (or dumb) as the rest of us, which means they sometimes make some very dumb (and comical) mistakes. Alan Wlasuk, CEO of 403 Web Security, has compiled a list of the top six dumbest hacks of all time. While hackers can be dangerous, Wlasuk shows that not every hacker is a Kevin Mitnick.
Click through for the six dumbest hacks ever, as identified by Alan Wlasuk, CEO of 403 Web Security.
Late last year, Kelly Osborne (of “Dancing With The Stars” fame) had her email account hacked. The hacker, wanting to not only look at all of her past emails but her new ones as well, had Kelly’s emails forwarded to his own personal email account. This seemed like a pretty easy trail to follow.
Self-proclaimed hacktivist Shahee Mirza and several associates defaced a Bangladesh government military website, Rapid Action Battalion, with the message:
“GOVERNMENT DOES NOT TAKE ANY STEP FOR ICT DEVELOPMENT. BUT PASSED A LAW ABOUT ANTI-CYBER CRIME. YOU DO NOT KNOW WHAT IS THE CYBER SECURITY OR HOW TO PROTECT OWNSELF. LISTEN. HACKERS R NOT CRIMINAL. THEY R 10 TIME BETTER THAN YOUR EXPERT. WE ARE GINIOUS THAN YOU CAN’T THINK. DEFACED FROM BANGLADESH.”
Unfortunately 21-year old Mirza also left the banner that clearly stated, “HACKED BY SHAHEE_MIRZA.” Obviously not the “GINIOUS” indicated in his hack, Mirza may end up with 10 years in a Bangladesh federal prison. One can only imagine what the prisons are like in one of the poorest countries in the world.
Famous for his Samy Worm, Samy Kamkar was responsible for a virus-like attack that infected over one million MySpace accounts in 2006. Among other malicious effects was the ‘Samy is my hero’ addition to the MySpace homepage of each of the victims. As part of his obvious ego addition, Samy went on to boast of his hacking feat in a blog post. Unfortunately for Samy, the blog contained a picture of him with a license plate in the background, which was then used to find Samy.
Twenty-year old Sayaka Fukuda had her iPhone stolen on the streets of New York City. The thief, Daquan Mathis, while enjoying his new iPhone took a picture of himself (dressed in the same clothes he wore during the mugging), which he then sent to his own email address. Unfortunately for Mathis, Fukuda’s iPhone email account could be accessed on the Internet (like almost every such account). With his email address, it was a simple matter to track Mathis down – made even simpler by the fact the police had his picture.
By all accounts, Eduard Lucian Mandru is a very clever hacker. His 2006 hack of the U.S. Department of Defense (DOD) computer system went undetected for years, with the authorities only having Mandru’s email address ([email protected]) as their single clue. Mandru’s downfall and arrest in 2009, however, came about when he used the same [email protected] email address on the résumé that he posted on numerous job boards.
Wlasuk isn’t sure if this hack is dumb or just really fun. One clever hacker realized that recent speed traps use cameras that automatically register your speed, take a picture of you license plate, and then use character recognition to translate you license plate number into something they can use as a lookup within the DMV database.
With this in mind, he changed his license plate number to (‘ZU 0666’, 0, 0); Drop Database Table. If the DMV uses this string of characters in their database lookup it has a good chance of deleting all of the database records containing his actual license plate number, ZU 0666. Wlasuk ranks this as a 10 out of 10 on the creativity scale.