If you missed it, PewDiePie (aka, Felix Kjellberg) is the biggest “YouTuber” in the world, boasting more than 70 million followers and billions of views. He got his start on YouTube by recording himself playing video games and talking while he played. His irreverent humor and good nature was a hit with kids worldwide, and his channel exploded. Over the last couple of years, he made the transition to more skit-based comedy, but the one thing that has not changed about his channel is the incredible loyalty of some of his followers, many of whom are proud that PewDiePie dominates YouTube.
When it looked like PewDiePie’s channel viewership might be overtaken, one tech-savvy follower took matters into his own hands. Working under the Twitter handle @HackerGiraffe, he launched a hilarious hack that was geared toward bringing some publicity to PewDiePie and raise the public’s awareness of the vulnerability of many IoT devices, including printers.
To launch his attack, @HackerGiraffe downloaded a Printer Exploitation Toolkit (“PRET”) on the dark web and then used a hack tool called Shodan.io. Basically, Shodan is Google for hackers. It helps individuals identify and target unsecured Internet-connected devices. Shodan and other software packages like it make it easier for hackers to conduct operations.
After identifying his targets, @HackerGiraffe wrote a script to automate the commands necessary to target more than 50,000 printers. He forced all of the printers to print a humorous marketing flyer urging readers to subscribe to PewDiePie’s channel on YouTube to preserve his status as the most followed YouTuber in the world. As of this writing, PewDiePie has maintained his number one position.
As for @HackerGiraffe, he seems to have avoided any trouble over the hack and has received a bit of a boost in his celebrity.
Have you ever wondered why there are so many spoofing viruses on the internet? Hackers use spoofing to gather login and password information and then they sell it on the dark web. It is a serious threat that companies cannot ignore. If you are unfamiliar with the dark web and the information available there, you can read more about what it is and why the danger to business security is so high in our previous article, Is Your Business Protected from the Dark Web?
The dark web is helping cybercriminals share tools and methodologies into how to hack and ultimately steal from individuals and companies. They then sell the information they gather to other cybercriminals. Once a hack occurs, it is unlikely to stay in the hands of just the original hacker. They will nearly always sell the information to the highest bidder as quickly as possible. There is no way to know how many individual hackers or organized crime rings buy a subset of information and it is not unusual for a company that is compromised to experience several different attacks all from different sources in a short period of time. If a 29-year-old on a lark can hack 50,000 devices in a pizza-fueled weekend, imagine the threat a professional criminal organization can pose to a business’ security.
Gartner estimates more than 8 billion devices are already connected to the internet and billions more will come online in the coming years. Devices connected to the internet or the Internet of things (IoT) is a serious development in IT security. The age of do-it-yourself IT management is at an end. IT security is a sophisticated area and companies need professional IT management to help protect themselves.
One of the first steps to protecting your business is to monitor the dark web for user logins and passwords that have already been compromised. Just as @GiraffeHacker was able to gather tools and information from the dark web to pull off a practical joke, serious cybercriminals sell the information they steal from users.
Have your business logins and passwords already been compromised?