Why I stopped hacking things just because I could Cybernews
© 2025 Cybernews | Latest Cybersecurity and Tech News, Research, Analysis

Greetings, reader. I want to talk about my former life as a blackhat hacker, because it never makes any sense. Many of my rampant hacking campaigns focused on breaking into big servers across several industries, but not on seizing the networks by the throat and forcing them to their knees.

I think someone once said, "Your story is a collection of almost did big things." This is true for me, because I always knew when to pull back. I was driven to maintain control over my hacking operations and my operators. If I couldn't guarantee control over the outcome, I didn't like to meddle with it.

Whereas the statute of limitations for these prosecutable confessions has long since expired, and the FBI is already well aware of them, I want to share some true stories. I believe it's important to talk about these things, since readers deserve a clearer understanding of the hacking landscape: the psychology, the choices, and the consequences behind it all.

We're living in a time when hackers and script kiddies don't hold back, because for them, results are the ultimate euphoria. I've walked the line between exploration and destruction, both accidental and deliberate, just to watch the world burn.

This is about knowing when to pull back, when to let go of the joy ride rather than being controlled by thrills. I came to learn that some vulnerabilities simply do not need to be exploited just because they can be. Therefore, these are true stories that illustrate the importance of control, consequence, and restraint in hacking.

Because sometimes crossing a line isn't a revolutionary act, or even worthy of lulz: it's reckless and malicious. This is coming from someone who was once controlled by chasing thrills while having a whimsical moral compass. Moreover, I started to understand my actions as a hacker after seeing some of my victims and learning how the attacks personally affected them.

After all, behind every device is a person.

In 2008, a friend and I broke into an Internet Service Provider (ISP) by exploiting weak access controls on their Remote Desktop Protocol (RDP) server. That's just a fancy way of saying that we guessed the password, since the password was the same as the username.

My job was to see if any users were online and then establish persistence. Once you logged into the machine and accessed the user desktop, the first thing you saw was Network Management Software (NMS), which the ISP used for monitoring and managing their satellite communication systems.

After taking a look at the software and learning about what it was managing, we discovered that some of the devices it listed included HN7000S and DW7000 series terminals, which are satellite modems often used in satellite broadband services.
We realized that we could monitor Very Small Aperture Terminal (VSAT) satellite communications. VSATs communicate with satellites and operate as two-way systems, sending and receiving data to and from space. This makes them effective remote terminals, allowing users to connect to the internet or private networks via satellite.

This discovery came at a time when we were actively searching for systems to deploy our botnet on, in preparation for our group's annual holiday, celebrated on July 4th, called Devil's Night. But as we learned more about the system, it dawned on us that this was exactly the kind of network Chinese state actors would target: a data superhighway used by businesses, government entities, and everyday users alike.

At the same time, it was clear there were too many variables that could go wrong, since neither of us had experience with systems like this, so we opted for a more familiar method of spreading malware: infecting popular games and distributing them over peer-to-peer networks.

In the end, we simply decided to use the machine for file hosting to stash our warez.

Back in the early 2000s, many banks and financial institutions, during the Windows XP era, still relied on Telnet or other terminal-based protocols for managing internal systems. These often included connections to mainframes or midrange systems with core banking operations, typically accessed over the 3270 protocol.

If you're familiar with Telnet, then you know it transmits everything in plaintext. Nothing is encrypted or protected in any way. We're talking about financial institutions relying on a vulnerable protocol that was already considered obsolete back then, and some still rely on it today.

My friends and I were invited in on this attack party within the Security Operations Center (SOC) monitoring bank networks through Telnet. People don't believe me when I say I've never been motivated by money. I've been offered up to a million dollars for insider trading, but money isn't my language. Yet here we were.

Credentials were passed around, and we started poking around, not entirely sure why we'd been invited to observe and watch the network. We were logged into an active administrator's account at a Security Operations Center (SOC), which meant they were supposed to be monitoring the network for security incidents.

The SOC was physically located inside the bank's own data center, and not remote. This means we could take the entire network based on the elevated credentials we had.

I was instructed to run tcpdump, since it was installed on the host machine. How were none of us detected and booted from the server? The answer lay squarely in our ability to capture raw packets.

The simple answer: The system administrator was unaware of our presence because they were busy surfing the web and downloading a disturbing amount of adult content. This made us laugh uncontrollably. But instead of teaching them a lesson, we left the network the way we found it.

Was the money FDIC insured? Yes. Would it have impacted customers if we stole it anyway? Absolutely. Consider the system we live in: the hours of our lives handed over in economic bondage, where our time is exchanged for currency just so we can spend the rest of our lives chasing some semblance of comfort and happiness. People feed their families with those earnings. They pay time-sensitive debts.

Even from the unethical chaos of my youth, I have never been motivated by money.

In 2009, a friend and I did something universally stupid in what became one of the most infamous real-world applications of permanent denial-of-service (PDoS) attacks, called phlashing. It caused over 100,000 DSL modems to brick across Brazil, rendering them inoperable.

This is an unusual term, because attacks like these are extremely uncommon. In a nutshell, this attack allows an attacker to overwrite a modem's firmware by injecting a malformed image, rendering the device useless. This wasn't part of the plan, though. We wanted to see if we could roll out a custom firmware that could essentially turn the devices into zombies for our botnet.

You see, phlashing usually implies corrupting or bricking firmware with malicious intent. However, the same attack vector could be used to flash a completely functional but malicious firmware. This meant we could use these devices to distribute attacks.

It was an experiment.

Unlike regular DDoS attacks, which are temporary because they normally stop after a while, phlashing causes irreversible damage, where the device can't be reflashed or repaired.
We automated the mass exploitation of modems on a grand scale using a Python script my friend wrote to handle every phase of the attack. There's a lot more to this story, and we had to do a lot of research to pull it off.

The gist of it is this: We understood that the attack would corrupt the firmware and brick the devices, so we attempted to modify the existing firmware. Well, the experiment failed, resulting in widespread corruption.

Neither of us knew the device's hardware architecture, nor were we familiar with the original firmware structure. We also had no experience crafting, modifying, or writing custom firmware. We only knew we wanted to establish remote persistence on the devices.

Since we didn't witness the fallout firsthand, we just finished the attack, thought it was cool we pulled it off in spite of the modems bricking anyway, and moved on to something else, quickly forgetting we ever did this.

Consequences never entered our minds. The thrill was over, and we forgot we ever did it, because at the end of the day, we had zero accountability as we walked away from a cyberattack that disrupted the lives of over 100,000 individuals for no apparent reason.

One of the knee-jerk reactions hackers often have is this: if something can be exploited, then it should be, which is framed as a twisted matter of principle, a way to teach users and admins a lesson for having a bad security posture.

However, this way of thinking literally assumes that exploitation by default is a justified response to a system's weakness or a user's lack of understanding, as if finding a vulnerability is an open invitation to abuse it for the sake of teaching that valuable lesson.

This moral rationalization shifts the blame entirely onto the victim for being unprepared, rather than accepting responsibility for the decision to harm them for it. If you were to strip it down to a black-and-white raw truth, the lesson masquerades as a form of activism or education that says, "I'm teaching them a lesson because they deserve it."

However, in reality, it is about ego, exerting dominance or proving superiority, and chasing thrills.

I've been the bad guy before. I once firmly believed that if I could break in, you deserved what was coming. But to teach a lesson implies you want someone to improve their security posture, but that's just the lie we tell ourselves. There's no follow-up, no constructive dialogue, no guidance, just destruction thinly veiled as justified.

Exploiting a flaw doesn't automatically make you right; it just makes you capable.

Having the capability without restraint isn't power.