
A 19-Year-Old Becomes a Millionaire by Hacking

A Teenager Becomes a Millionaire Through White Hat Hacking:



Hacking often refers to the breaching of information without a person’s consent or knowledge. It is basically the unauthorized intrusion into a computer or a network. It can be used to alter or change a system for different purposes or goals. Hacking can also mean making unusual or improvised alterations to equipment or processes.

A hacker has expertise in computer skills, and will know their way around systems and security features. They are often skilled programmers who use their technical knowledge to exploit bugs in order to break into computer systems.

The above is a very generic definition of hacking. It is what most people associate with “hacking” or “hackers”. These words are often used with a negative connotation, and they give us the same feeling whenever we come across them. However, it is very important to clarify that hacking is not only used in a negative sense. In fact, “ethical hacking” is on the rise.

“Ethical hacking” is also known as penetration testing. By definition, it is the act of intruding into or penetrating systems or networks to find the threats and vulnerabilities in them that a malicious attacker may find and exploit, causing loss of data. These vulnerabilities could also lead to financial loss or other major damages. Ethical hacking or “white hat” hacking is different from intrusive or “black hat” hacking, in that its purpose is to increase and improve the security of the networks or systems. It does this by fixing the vulnerabilities found during testing. The tools and methods of ethical hackers might be similar to, or at times even the same as, those of malicious hackers, but the intentions and reasoning behind the act are totally different.

Recently, a teenager named Santiago Lopez made millions of dollars utilizing ethical hacking on HackerOne.

HackerOne is the number 1 ranked platform that helps organizations find and fix critical vulnerabilities that have the potential of destroying or exploiting your information in any sense. HackerOne is well known and has partnerships with the U.S. Department of Defense, General Motors, Google, Twitter, GitHub, Nintendo, Lufthansa, Panasonic Avionics, Qualcomm, Starbucks, Dropbox, Intel, the CERT Coordination Center and over 1,200 other organizations to find all kinds of vulnerabilities and protect these organizations against them.

Like most hackers, Lopez is self-taught. His specialty and expertise lie in finding Insecure Direct Object Reference (IDOR) vulnerabilities.

Lopez first gained interest in this field from watching a movie about hacking. His interest grew, and he started learning to hack from online tutorials and by reading blogs. At the age of 16 he signed up for HackerOne, not knowing what he was getting into. He knew that he had to hack into company databases, and he took the name @try_to_hack in order to motivate himself further. He still goes by this name. After signing up for HackerOne, he earned his first fifty dollars within a few months, which motivated him further and showed him that he could do it.

Lopez continued making the internet a better place for the many people who are associated with HackerOne and have put their entire trust in it. Lopez explains why he chose ethical hacking: “To me, this achievement represents that companies and the people that trust them are becoming more secure than they were before, and that is incredible.”

So this is how Lopez, a 19-year-old teenager, worked his way up in the hacker community and proved himself by earning the first million dollars of his life. His story is a textbook example of how practice, enthusiasm and talent matter, and are needed to get the top spot in any field.


Wannacry Ransomware Attack – Updates From Top Sources

WannaCry? Ransomware Spreads Globally…

A ransomware attack began last week in Europe, targeting thousands of computers running Windows. Ransomware is malicious software that makes it impossible for the user to access their computer files unless they pay a ransom. Ransomware attackers frequently ask to be paid in bitcoin. Oftentimes, even after the ransom is paid, the user still does not regain access to their files. The worm that targets the Windows OS is called Wannacry (or WannaCrypt, WanaCrypt0r 2.0, Wanna Decryptor).

Here are some updates about the Wannacry ransomware attack from some top tech sources as well as clever comments from the internet:

NSA says ransomware was like “fishing with dynamite”

Quick guide on how it all works:

More leaks coming….

Leave Wannacry Hero Alone!

“A stealthy cryptocurrency-mining malware that was also using Windows SMB vulnerability at least two weeks before the outbreak of WannaCry ransomware attacks.”

IBM Suggestions to protect yourself from ransomware

Microsoft be like

“The Wannacry Starter Pack”

VXShare claims to have access to Wannacry samples

Some Linux users are gloating


Photo Credit: christiaancolen


Hackers Find Exploit and Reactivate LizardSquad’s Twitter Account

On September 2, hackers calling themselves “Spain Squad” used an exploit to take control of several previously suspended Twitter accounts. Among these accounts were usernames like @Hitler, @botnet, @LizardSquad and @1337. Twitter re-suspended all of the breached accounts shortly after the hack, but it is unclear whether or not they are still vulnerable to this exploit.

One of the hackers aligned with Spain Squad tweets about reactivated accounts.

“It could be a vulnerability in Twitter’s software, a compromised staff account, or some other explanation. It’s also unclear whether the exploit is still active, or was patched concurrently with the banning of the hijacked accounts.” (Business Insider)

A spokesperson for the hacking group has stated they can do even more than recover old accounts with the exploit they found:

“The new exploit allows Spain Squad to change to suspend active accounts, change a user’s Twitter handle and even take control of active accounts. So far, the group has only demonstrated the ability to recover officially suspended accounts — though all of those have already been re-suspended by the social media company.” (Engadget)

Twitter actively suspends accounts that violate its Terms of Service (TOS). Sometimes these suspensions are temporary, and the user is able to restore their account after acknowledging the broken rules and promising not to violate the TOS again. Often, the user must delete offending tweets before the account will be restored. Alternatively, a Twitter account can become permanently suspended, which means the account is never to be restored under any circumstances. Restoring access to accounts that were thought to be permanently inaccessible could prove profitable for hackers selling screen names that may be valuable. However, Spain Squad claims to be non-malicious. Whatever their intent, they were definitely doing some of it for the lulz when they took control of the LizardSquad account.



Hacker Steals User Data from Epic Games Forums

The usernames and email addresses of over 800,000 Epic Forums users were stolen by a hacker. According to Leakedsource.com, the attack happened on August 11. The hacker obtained the data by exploiting “a known SQL injection vulnerability found in an older vBulletin forum software, which allowed the hacker to get access to the full database” (ZDNet). In addition to the usernames and email addresses, the database contains scrambled passwords, IP addresses, birth dates, and activity such as posts, comments and private messages. Access tokens for Facebook were also breached. Epic Games has stated that the scrambled passwords will not be easily crackable.

An Epic Games spokesperson says that passwords do not need to be changed for the Unreal Engine and Unreal Tournament forum, but a “compromise of our legacy forums covering Infinity Blade, UDK, previous Unreal Tournament games, and archived Gears of War forums revealed email addresses, salted hashed passwords and other data entered into the forums. If you have been active on these forums since July 2015, we recommend you change your password on any site where you use the same password.”

Epic’s Forums were also hacked last year.


Did Another Hacker Steal NSA Exploits from the Shadow Brokers?

A Twitter user who goes by @1x0123 claims to have stolen the data that The Shadow Brokers hacked from the NSA.


Gizmodo reached out to the hacker but was unable to verify their claims. However, back in April, NSA whistleblower Edward Snowden praised them for reporting a vulnerability, which may lend some credibility.

The hacker says they just need “some money to pay bills and stuff” and offered to share 50% of it with Gizmodo if they wanted to make an offer.


Anonymous Hacker Brings Harambe Back to Life on Twitter

On Saturday, the Twitter account of Cincinnati Zoo director Thane Maynard was breached. The hacker changed Maynard’s profile photo to a pic of Harambe.


Harambe was a silver-backed gorilla who was shot and killed at the Cincinnati Zoo when a 3-year-old boy fell into the gorilla’s enclosure. Many people online had strong opinions about this story, ranging from believing the parents of the child should be held accountable for Harambe’s death to supporting the killing of the gorilla because the child was in danger. Some even believed the child was in no danger and that both lives could have been spared. Anthropologist and UN Messenger of Peace Jane Goodall says that the Harambe story “highlighted the danger of zoo animals in close proximity to humans and the need for better standards of care.” (Wikipedia)

The hacker who took over the Cincinnati Zoo director’s account also tweeted Harambe-sympathizing hashtags such as #JusticeForHarambe and #DsOutForHarambe. The hack continued through Sunday, with the hacker telling the zoo employees to beg for their account back. Twitter user @prom has taken responsibility for the hack and says he doesn’t “worry about legal consequences at all.” (Cincinnati.com)



Photo Credit: Julia Koefender – Flickr Creative Commons