Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Crime Security The Internet News

15-Year-Old Arrested For Hacking 259 Companies 153

An anonymous reader writes "Austrian police have arrested a 15-year-old student suspected of hacking into 259 companies across the span of three months. Authorities allege the suspect scanned the Internet for vulnerabilities and bugs in websites and databases that he could then exploit. As soon as he was questioned, the young boy confessed to the attacks, according to Austria's Federal Criminal Police Office (BMI)."
This discussion has been archived. No new comments can be posted.

15-Year-Old Arrested For Hacking 259 Companies

Comments Filter:
  • Not hacking (Score:4, Informative)

    by Anonymous Coward on Wednesday April 18, 2012 @04:06PM (#39727057)

    nerd voice

    Excuuuuse me. The term is 'cracking'.

    / nerd voice

    • 2600 would disagree

      • Re:Not hacking (Score:5, Insightful)

        by mcgrew ( 92797 ) * on Wednesday April 18, 2012 @04:34PM (#39727481) Homepage Journal

        Citation? because the AC is correct. I understand how muggles confuse nerd terms, but they've taken OUR word for modifying hardware or writing quick-and-dirty single-use code and we let the muggles mangle the meaning of OUR word! As someone already pointed out, he's not a "hacker", he's a script kiddie. The hackers wrote the code he used for his cyberburglary and cybervandalism.

        I never thought I'd see the day when we would be acceptable, let alone the day normal people pretend to be us.

        • He is saying that some people say that "hacker" only refers to people who like to illegally break computer security systems, by referring to 2600, a hacker group known for that sort of thing. I say that anyone who is curious can read 2600 magazine and see that while there are a lot of articles about breaking security systems, there are other articles that are within the scope of the old school meaning of the word "hacker."
        • Go read 2600 - or go buy their Best Of book, a good read. The editors have repeatedly stated that they're against using the term "cracker" to denote a malicious hacker. I never said whether or not cracker is the correct term, just that 2600 disagrees.

        • by Myopic ( 18616 ) *

          I disagree. My understanding is that "hacker" predates "cracker", and that some nerds decided they didn't like the pejorative sense of "hacker", so they adopted it as their own (cf. "nigger") and proffered "cracker" as a pejorative replacement. Most nerds, and all non-nerds, rejected this attempt at redefining the word "hacker", and continued to use it with its original meaning. To this day, that minority of nerds, especially the ones who like rhetorical pugilism, continue to make their specious case on Int

      • by betterunixthanunix ( 980855 ) on Wednesday April 18, 2012 @04:40PM (#39727555)
        If you actually read 2600 magazine, the scope of the articles fits in with the typical definition of a hacker: someone who likes to tinker with computers and other electronics. There is something of a bias toward computer security, but I have also seen articles about undocumented functions of electronics, technical information about various networking equipment, and so forth.

        Hollywood, on the other hand, turned "hacker" into a code word for "computer criminal." No surprises there, given that Hollywood's view of computing is basically the antithesis of what the old school hackers had in mind. Hollywood thinks that computers should only be programmed by licensed professionals, who can be held accountable for the software they write (e.g. deCSS). In Hollywood's view of the world, if you buy a computer that has been programmed to stop you from running your own software (e.g. an iPhone, a PS3, etc.), then defeating those restrictions is criminal behavior -- and they got that codified in the law with the DMCA.
        • Hollywood thinks...

          Citation needed...

        • I was referring to the parent poster who (sarcastically) was saying it's cracking, not hacking. The editors of 2600 have repeatedly stated that they don't support segregating cracking and hacking, that malicious acts do fall under "hacking" just as much as non-malicious acts.

          • by Ash-Fox ( 726320 )

            The editors of 2600 have repeatedly stated that they don't support segregating cracking and hacking, that malicious acts do fall under "hacking" just as much as non-malicious acts.

            It's more to do with the fact they (2600) fall under the 'grey hat' category .

        • I haven't read a fresh copy of 2600 in a very long time, but in picking up a random copy off the shelf (Fall 1998) there is an article on page 15 called 'Back Orifice Tutorial.' The article went on to describe basic social engineering skills and methodology for operating this software. There were are also several other articles of interest such as 'Screwing with Moviefone' and 'Screwing with Radio Shack & Compaq' in the particular issue, all of which seemed like they were aimed at script kiddies. As
    • Re:Not hacking (Score:5, Insightful)

      by Tarlus ( 1000874 ) on Wednesday April 18, 2012 @04:15PM (#39727205)

      The teenager used various hacking tools widely available on the Internet, including software that helped him remain anonymous.

      Nothing more than a script kiddie.

      • by jellomizer ( 103300 ) on Wednesday April 18, 2012 @04:21PM (#39727293)

        A real hacker would break into 256 companies, not 259... What was he thinking?
        Unless he actually broke into 512 or 1024 companies.

      • Not anonymous enough.
      • I'm asking this as someone who wouldn't even qualify as a script kiddie...

        If you were hacking into sites (blackhat, whitehat, whatever), would you do so from home? I would think that at the very least, you'd get in your car and look for open WiFi. I imagine that with the high-speed cell networks and prepaid phones you could even afford to hack from anywhere with a cell signal.

        But certainly not from your home network?

        • Re:Security blanket (Score:5, Interesting)

          by b4dc0d3r ( 1268512 ) on Wednesday April 18, 2012 @07:52PM (#39729751)

          A 15 year old most likely is not mature enough to have that level of understanding.

          Disregarding his age, anyone would fall into the same trap. Dip your feet in the water, and don't get caught. Go a little further, and still remain undetected. Maybe you get detected next time, but they can't find you. All from the psychologically safe bedroom/basement instead of getting in your car (which a 15 year old in Austria may not be allowed to do).

          Once you truly understand how the network works, and you're writing your own tools, you understand that the safest place you can be is in public, away from anything personal including hotel reservations. But that also has to include CCTV or other surveillance. Until then, the comfort zone of "home" makes you feel you can not get caught. The illusion of safety when you are at your most vulnerable. Especially when repeated attacks come from the same place.

          Disclaimer: I'm not a white hat, nor a black hat, nor an any hat. But I have read a lot about people and what makes them do stupid things.

        • One of the connotations "script kiddie" carries is of a certain naiveté. In many cases people will download a ready-made script (hence the term) to, for example, scan for a security hole in an out-dated Wordpress installation, I see them the whole time in my server logs.

          You're correct though, doing it from behind your home router is generally a dumb thing to do because it's so traceable. The easy alternative is to go through anonymous proxy servers which don't log the traffic (and they do have leg
    • by Medievalist ( 16032 ) on Wednesday April 18, 2012 @05:53PM (#39728501)

      Bruce Perens was addressing a bunch of geeks once and somebody asked him to use the word cracker instead of hacker when referring to computer criminals. Bruce replied "I refuse to use the word cracker because it's insulting to georgian-americans, and will continue to use the phrase computer criminals". I laughed my ass off, but he was right.

    • When are nerds going to accept that "hacking" has a perfectly legitimate second meaning? It is really really simple. If the object of the hacking is a technology, you can carry on using the maker-hobbyist-anorak definition. But when the object is an individual or a group using some sort of electronic security, hacking means compromising that security in whatever way you want. If the hacking is being done "into" something, there is no ambiguity at all. This has been the understood meaning ever since people w
      • by Ash-Fox ( 726320 )

        When are nerds going to accept that "hacking" has a perfectly legitimate second meaning?

        Never. You have your answer.

  • by Anonymous Coward

    It's a survival trait.

    • Re: (Score:3, Insightful)

      by kelemvor4 ( 1980226 )

      It's a survival trait.

      Right. Just like when I was a kid we used to say "skateboarding is not a crime".... until we got in trouble for it.

  • by Anonymous Coward

    Austria is a former penal colony. All their citizens are descended from criminals.

  • Any one else read this as nmap and known vulnerabilities?
  • That's 1507 systems to you and he's 11! ;)
    • Hell, if it were me... I think I'd stop at popular numbers. Pick a pattern of common computer values like 16 sites, then stop for a while, then 64, then 256, then 1024.

  • by Ranx ( 28829 ) on Wednesday April 18, 2012 @04:09PM (#39727115) Homepage

    System Operator arrested for leaving the computer system of the company he worked for vulnerable for attacks by kids. Oh wait...

    • by noahwh ( 1545231 )

      Perhaps you mean fired? Or possibly promoted, if it's a government job.

    • by Nikker ( 749551 )
      You have to wonder, at what point do these companies start to feel stupid and have to *share* the blame?
  • by Anonymous Coward

    His youthful adventure is about to begin.

  • That child is a beast. Too bad he got caught xD
    • by doston ( 2372830 )

      That child is a beast. Too bad he got caught xD

      That's what I thought. Thought the same about the barefoot bandit. But fear not, they'll get the kid in college, hook him up with a job and turn him into a cubicle drone in no time.

  • by tom17 ( 659054 ) on Wednesday April 18, 2012 @04:31PM (#39727447) Homepage

    See, the problem was that he is only an 8-bit hacker. He should have stopped at 256 companies or upgraded to 16-bit.

    It's the overflows that got him :(

  • some of the CIOs at the hacked places should tell the ceo. This is what your cost cutting did it got us hacked as you did not give the IT team the funds to upgrade to newer software and hardware.

  • In his defense, the lad said " Life moves pretty fast. If you don't stop and look around once in a while, you could miss it. "
  • by WaffleMonster ( 969671 ) on Wednesday April 18, 2012 @06:39PM (#39729025)

    The only thing worse than being hacked by a bored 15 year old is being hacked by someone with an agenda.

    I think governments should sponsor public hacking competitions with basic code of ethics rules and immunity from any legal or civil actions. Better than wasting billions "cyber defense".

  • by alphatel ( 1450715 ) * on Wednesday April 18, 2012 @08:34PM (#39730127)
    If you look at the screenshots of what he defaced, it was default joomla templates on dead websites. If you read the forum he was in, it has about 50 active members of 2000 registered, and he was ranked the 50th best. This kid is about as dangerous as soap. If they even bother to sentence him it would be a joke. He knows nothing of real hacking and we should be thankful that Darwin has weeded him out early.
  • 259 companies aren't terribly embarrassed about implementing systems so badly that a 15 yr kid using cut and paste broke into their systems and viewed our personal information, credit card numbers, the dreaded social security number, etc, etc.

    We really need to start taking these companies to task for their pitiful respect of the information we entrust to them. The kids in the wrong, no argument from me there, but couldn't they at least have invested enough effort to prevent point and drool attacks from wor

  • Ok no problem, everyone is trying their best to give their best ,in my view boy's career is very bright if follows the + path Granite Worktops []

They are called computers simply because computation is the only significant job that has so far been given to them.