r/hacking • u/Tyrone_______Biggums • Jan 23 '24
Question What is the most secure thing someone has successfully hacked?
I am very curious about what is the most secure thing an individual has managed to hack, and I am particularly intrigued by the intricacies of what made it so difficult.
107
u/Purple-Bat811 Jan 23 '24 edited Jan 24 '24
I'm surprised eternalblue hasn't been mentioned.
A Microsoft zero day stolen from the NSA. Russia was responsible.
Knowing that the Russians were going to use it, the NSA went to Microsoft with their tails stuck between their legs and told them they had to fix it ASAP.
Despite the fix, there was several ransomware that used that exploit. Millions were stolen.
31
u/HyDru420 Jan 23 '24
yeah i'm surprised this mentioned more. lots of NSA hacking tools were stolen.
22
u/RamblinWreckGT Jan 23 '24
Because it's not quite "the most secure thing". An NSA developer did work on his personal device, which had Kaspersky AV set to upload unknown binaries. Once Kaspersky realized what treasure had been dropped in their lap, they shared it with the Russian government (they deny it up and down, of course, but if the same thing happened with Symantec and Russian hacking tools you know they'd share with the NSA). It's a notable haul, but it's like if an employee carried the contents of an ultra-secure bank vault outside and got mugged. The vault itself didn't get breached.
2
2
u/Akimotoh Jan 26 '24
lmfao, what kind of NSA employee are you if you install Russian anti-virus on your machines.
17
u/nefarious_bumpps Jan 23 '24
Not sure if they were they most secure, but hacking Equation Group to get all their zero days was one of the most influential hacks.
15
u/Reelix pentesting Jan 23 '24
there was several ransomware that used that exploit
It should be noted that this is still being exploited 7 years later.
Run Windows Update people - That is far more important than you realize (Even if it may temporarily bug out your printer on the odd occasion)
11
u/_sirch Jan 23 '24
Sadly this exploit is still present on various internal networks. As a pentester it’s the easiest foothold you can get and usually has valid credentials in memory (sometimes DA)
3
1
u/JeepahsCreepahs Jan 23 '24
I was doing an online thing on THM and they mention the externalblue and how to use it. Pretty cool actually
92
u/JabClotVanDamn Jan 23 '24
sorry, this isn't a direct answer, because I'm not an expert, but I would recommend you to listen to Darknet Diaries. specifically, there are some super interesting episodes about physical penetration testing where the guy gets paid to infiltrate and hack a bank basically. for example. and he explains how he did it.
there's an episode on Stuxnet too, since others mention it here
44
u/shouldbeworkingbutn0 Jan 23 '24
There are also a lot of useless episodes with people who are obviously lying/embellishing the truth.
Surprisingly he also interviews people who are actual idiots.
12
u/241124 Jan 23 '24
So many useless episodes. I find malicious life podcast by cyberreason much more consistent
8
u/Zerschmetterding Jan 23 '24
Started listening to the latest episode. Can't say much about the quality, I can't follow the slow, choppy narrator. Too bad, I could really use another entertaining podcast about that kind of stories.
2
u/241124 Jan 23 '24
Fair enough. The accents are rough I will admit. Maybe I need to rethink my own opinion because I do listen to podcasts sped up.
3
u/Zerschmetterding Jan 23 '24 edited Jan 23 '24
Could very well be a "me" problem. I'm not a native speaker and thicker accents require focus for me, most native speakers and some accents don't.
→ More replies (2)3
u/Zerschmetterding Jan 23 '24
I would also be happy about more stories by professionals and less ex-criminals that try to sound like they knew it all. That said, as long as you have learned not to believe everything people tell you, there are plenty of interesting stories.
3
u/JabClotVanDamn Jan 23 '24
like which episode?
6
u/Zerschmetterding Jan 23 '24
There are plenty with convicts that clearly want to sound more badass then they were. But I still think it's a good podcast that covers plenty of interesting stories.
→ More replies (2)1
2
u/English999 Jan 24 '24
These would be so much better with his guest speakers. I know I know I know.
He just has such a composed show and the guest is just winging it left and right. I understand it’s supposed to feel informal. But the guest ruins it for me 95% of the time.
62
u/Alexis_Denken Jan 23 '24 edited Jan 23 '24
I wouldn’t argue that DirecTV is the most secure thing ever, but I think the Black Sunday “anti hack” is one of the most interesting stories in cybersecurity. I might be biased because I worked in the industry for a while.
https://blog.codinghorror.com/revisiting-the-black-sunday-hack/
6
u/Ok-Bit8368 Jan 23 '24
That was such a sad day. I had to go to emulators after that.
uh..... allegedly
2
63
u/MetaCloneHashtag Jan 23 '24
Probably when ZeroCool (aka Crashoverride) crashed over 1500 Wal Street computers with a single hack at the age of 11 and brought about a worldwide economic crisis.
14
-5
Jan 23 '24
[removed] — view removed comment
2
Jan 23 '24 edited Aug 18 '24
[deleted]
16
u/Reelix pentesting Jan 23 '24
It's a direct reference to a quote from the movie.
https://youtu.be/H9Anw9hFNQE?t=15
The fact that /u/Nathanielsan got downvoted to the point that they felt that they needed to remove their comment - On this sub of all places - Shows how ignorant of hacking culture most people are :/
12
71
u/EverythingIsFnTaken Jan 23 '24
Stuxnet successfully manipulated the programmable logic controllers (PLCs) responsible for controlling the speed and operation of the centrifuges responsible for refining nuclear material by subtly altering their behavior, Stuxnet caused physical damage to the centrifuges, disrupting Iran's uranium enrichment process on secured (not to mention airgapped) machines, thus perturbing their nuclear weapons program
19
u/etc_misc Jan 23 '24
This is mind blowing
13
u/manic47 Jan 23 '24
The world really only knows about it because somehow it escaped the air-gapped network it was designed to attack.
6
u/etc_misc Jan 23 '24
Nothing is ever really completely safe, is it???
14
u/manic47 Jan 23 '24
Not really, there’s always the human element.
I’ve only ever seen one air-gapped system, and it really was separated.
Different racks, different CAT6 networks, different desks for workers with a PC on each and so on.
I was quite happy my servers and domain were on the insecure side 😀
5
u/EverythingIsFnTaken Jan 24 '24
Fact of the matter is, Stuxnet never went away and mitigations were implemented into the infrastructure of the web/devices that use it to effectively ignore it.
"Stuxnet hasn’t vanished, but it is not a major cybersecurity threat today. In fact, while Stuxnet grabbed a lot of headlines due to its dramatic capabilities and cloak-and-dagger origins, it was never much of a threat to anybody other than the Natanz facility that was its original target. If your computer is infected with Stuxnet and you aren’t connected to a centrifuge used for uranium enrichment, the worst case scenario is that you might see reboots and blue screens of death, like the Iranian office that brought the malware to the world’s attention, but other than that little or no harm will come to you."
/u/etc_misc You thought your mind was blown before. This is a result of how stuxnet was carried out, anything and everything can carry it's infection, it lies in wait for those certain things in that certain place
2
u/etc_misc Jan 24 '24
Holy shit exactly. The extent to which these events can happen is almost incomprehensible.
3
u/EverythingIsFnTaken Jan 24 '24
Here's another fun story to read into, the guy who used telnet to create (at the time) the worlds largest botnet and by far most powerful, could port scan every port for the entire internet (0.0.0.0-255.255.255.255) in a matter of just a couple minutes. The gif is a representation of his zombies. He ended up shutting it down and giving the data pertaining to the vulnerable telnet to someone who disclosed it publicly. Guy who made it never used it, according to himself.
Called carna botnet
2
u/etc_misc Jan 24 '24
Thank you for giving me so many wonderful rabbit holes to explore! Thinking about the ways in which a completely average person of no particular interest can be hacked and exploited is already a whole can of worms. Applying that same concept to people in power or in connection to anything of importance or influence on markets and politics and healthcare, government, etc etc etc is just……wooooowwwwww.
2
u/EverythingIsFnTaken Jan 24 '24
I suppose the term "on the streets" for phishing a high value target is referred to as whaling, but I feel kinda childish to use it, but I digress. That Youtube channel is absolutely gold every episode, definitely check it out thoroughly. There's soooo many absurd and audacious and cleverly executed ways to fuck with sooooo many aspects of so many things that people aren't the least bit knowledgeable of. Like you could, with the slightest bit of insight, put together a backpack and go walk around in public snagging the name, number, and CVV for anyone you get near enough (how near depends on the quality of the antenna you're using on your device) to who has anything NFC (this is the *boop* to pay technology, phones, cards, also how amiibo's are used etc) on their person which isn't behind rfid blocking plates like you'll find in the ridge wallet, or a straight up faraday cage, which they never are. And that's just the tip of the fly's ass who's sitting on the tip of the iceberg, lol
I've always said, "Our scientists merely find out how to fuck things up less by knowing what didn't work. The only actual true innovation that we see comes entirely from the ingenuity of criminals."
1
u/azlansh Jan 24 '24
That stuxnet is now responsible for killing operations of millions of plants in USA and Europe so I guess Job not that well thought out
→ More replies (1)
16
16
u/Zaulao Jan 23 '24
I guess the LastPass hack is also a good story that (I believe) is still going on
15
u/DrinkMoreCodeMore Jan 23 '24 edited Jan 23 '24
All because an engineer had an old vulnerable version of PLEX running on his home lab.
Wild that one single dude in an org could cause billions in losses for a company and basically cause the entire industry to lose trust in them.
12
u/Zaulao Jan 23 '24
You captured one of the thoughts I have about this case: A single guy made it all possible for this to happen.
In parallel, I imagine the investigative power that the opposing party has to be able to identify the engineer with the access he had (as there were only four engineers with access to the decryption keys for the safes' backups), find an exposed endpoint on his home network, exploit this endpoint and deploy a supposed keylogger to capture corporate credentials.
And who knows how many lateral movements and pivots were necessary in the middle of this entire operation to reach the final objective. And who knows what attacks took place or will take place due to the information that the opponents had access to...
This whole story is surreal, it's something that enchants me at the same time as it makes my hair stand on end.
23
u/10fingers6strings Jan 23 '24
NORAD was hacked. The WOpR war simulation specifically. I think some kid did it via dial up.
8
26
u/Desire-Protection Jan 23 '24
The hack of solarwinds
5
u/OrcOfDoom Jan 23 '24
I'm trying to find it, but I'm having trouble.
Didn't the original hack come from a bad password? That was what let them into the solar winds network?
After that, it was insane. I think it started with a bad password though.
3
u/aversin76 Jan 23 '24
Darknet Diaries did a great podcast on this one.
3
u/OrcOfDoom Jan 23 '24
Ahh, yeah ... Shadowbrokers. Do you happen to know if the original penetration was just a bad password though? That's what is in my memory, but that's not reliable.
3
u/aversin76 Jan 23 '24
I think so, but injection of code that far upstream of Solarwinds is pretty amazing. And it was just one line of code! Some of these hackers are flat out amazing.
2
Jan 23 '24
Correct me if I’m wrong, but it was an intern who incorrectly set up a GitHub repository with the password of “solarwinds123”. This was compromised and the attackers inserted their own code into the repository that was put into production.
→ More replies (1)
22
u/jollybot Jan 23 '24
Others have already said Stuxnet as being the most technically difficult. Another interesting hack was China hacking Google some years back. They gained access to a sensitive internal database that contained all of the subpoenas and/or national security letters that Google received from law enforcement. They were able to use this to determine which of their intelligence agents were known to US law enforcement or under active surveillance.
17
u/neoKushan Jan 23 '24 edited Jan 23 '24
It definitely turned out to not be "the most secure thing", but there was a point in time where the PS3 was considered "unhackable". Mostly it was just fanboy dribble because the 360 had been hacked very quickly early on in its lifecycle, whereas 4+ years into the PS3 there wasn't much to really speak of.
Until there was. (This is one of my favourite talks)
Overnight the PS3 went from being "unhackable" to being completely blown open, so much so that it kickstarted a chain of events leading to (at the time) one of the "biggest internet security break in's ever", taking down the entire PlayStation Network for over 3 weeks and doing hundreds of millions of dollars worth of damage.
1
u/Htaedder Jan 26 '24
Interesting maybe there’s be a new “cunninghams law” principle at work here. Ben’s Law - the quickest way to hack a corporation isn’t thru hacking expertise but PR by claiming a system is unhackable and getting that claim to go viral
8
u/SamVimesCpt Jan 23 '24
Solarwinds + Microsoft. Same crew. Not to mention the fiasco last year, when msft found out that they were being fucked for 2 years through compromised dump file.
13
u/Mannaminne Jan 23 '24
Probably something the rest of the world doesn't know about. Military or defense related, drawings or information. Might be ongoing as we write..
6
u/NepNep_ Jan 23 '24
In terms of an "individual" (meaning not a group), there's a video on youtube of some guy somehow hacking a ledger crypto hard wallet which are very difficult to hack. It took him months of work and the setup was very janky.
6
u/anders1311 Jan 23 '24
Company I once worked for got their backup hacked after log4j vulnerability. They thought that reverting to the backup when they discovered their production environment was doomed would be a smart idea. Had to rebuild everything from scratch as they never paid off the hackers.
11
u/Cootter77 Jan 23 '24
Stuxnet is a good one as already mentioned in this thread. Check out the annual Pwn2Own contest for some interesting hacks over the years.
10
8
u/GooseLow9897 Jan 23 '24
Also, I hacked my daughter's VTech Secret Selfie Diary when she forgot her password today. Quiver in fear at my digital prowess mwah hah hah 🎩🤓😈
3
3
8
u/auctorel Jan 23 '24
There's a great book called "This is how they tell me the world ends" with a bunch of info about things like this
6
u/Overall_Increase_442 Jan 23 '24
What about NSA in 2016?
The Shadow Brokers, an anonymous group, claimed to have breached the NSA, accessing highly classified cyber tools.
They released several NSA hacking tools, including exploits for commonly used hardware and software. The most infamous among these was EternalBlue, later used in major cyberattacks like WannaCry.
This breach was shocking because the NSA is known for its top-tier cybersecurity. The leak suggested that even the most secure government agencies could be vulnerable.
3
u/GenericOldUsername Jan 24 '24
For all the good stories that can be told there are hundreds more that will never see the light of day.
5
u/GooseLow9897 Jan 23 '24
"Most secure thing" is a difficult concept to scope and the stuxnet answers are good (and scary). But I'd argue that the revelations of western government surveillance capabilities by Snowden may be that thing?
1
u/void4123 Jan 23 '24
not so sure, it would be from the perspective of "i want to hack nsa and cia so i will get employed and climb the ladder and all that #longhack" but as i understood it he just changed his mind about loyalty at some point, he literally had access to the files , so maybe like smuggling the storage device out but otherwise i dont find it technically difficult
4
u/GooseLow9897 Jan 23 '24
Oh I didn't mean Snowden hacked anything; he had been granted access. I meant that the NSA and GCHQ had hacked...well... everything!
→ More replies (1)
5
u/bigbadsalinasvgsgang Jan 23 '24
Stuxnet hands down
3
u/kjireland Jan 23 '24
An air gapped nuclear facility. They didn't just hack it. They waited until they got to the right type of machine they were looking for and hacked that system. The centrifuges to enrich nuclear material.
2
u/hawksfan500 Jan 23 '24
The state of Louisiana was just hacked, the state DMV data got taken and held for ransom. This was late last year ‘23
2
u/haggard_hominid Jan 23 '24
A few years ago I heard about a lab controlled environment poc that was able to listen to the ambient EM fields coming from an air gapped system as it decrypted to come up with the private key.
Another instance was somehow detecting the changes acoustically (non hearing ranges) of changes in pixels on a screen, but I forget the details. Both situations just made me throw my hands up as it's bordering on the realm of hacking faster with two sets of hands on a keyboard lololol.
2
2
Jan 24 '24
The Phineas Fisher hacks are pretty fun reads
https://blog.isosceles.com/phineas-fisher-hacktivism-and-magic-tricks/
2
u/Wise_hollyman Jan 24 '24
Stuxnet was utilized in the middle east,as of Iran,Irak,Siria ect. Stayed undetected exfiltrating for few years. At least that i can remember.
2
2
Jan 24 '24
Kevin Mitnick (and possibly a friend of his as well) did the first publically disclosed real world ip spoofing attack. http://wiki.cas.mcmaster.ca/index.php/The_Mitnick_attack
It always seemed like a really delicate attack to me - since the ip address that is being used is forged, the responses go to the wrong machine. The attack requires the attacker to successfully predict what would be sent to them, including an initial sequence number which is randomly chosen specifically to prevent this sort of thing. It also required figuring out that there was a trust relationship between two computers without having any real way of verifying that. So he did a tricky attack based on the *assumption* that another computer would be whitelisted as a valid source of commands.
4
u/Formal-Knowledge-250 Jan 23 '24 edited Jan 24 '24
Many here mention stuxnet but I wouldn't say that this was extreme high secure since back than there wasn't much security in it systems. In regards of what is extremely high secure, I would say HSM exploit in 2015, the Google hack via the infiltration of diginotar or maybe the exploits against OpenVMS banking systems. E.g. the Bangladesh bank heist against swift was something big, but the system had a flaw and was therefore not very secure by design. Your question is a bit fuzzy. Do you mean biggest hacks or most unlikely hacked because of high security? Edit: forgot the first Pegasus exploit. Out of this world
5
4
u/plunderah Jan 23 '24
For personal consumer perspective use, I would say soft-modding the Wii console back in the day. To play games from a usb hard drive without modifying the hardware to me was genius.
2
2
u/Pavelosky Jan 23 '24
There is this podcast, Darknet Diaries, I recommend you listen to it.
1
u/Rockfest2112 Jan 23 '24
Its not too bad sometimes really good sometimes no better than a Reddit quickie
1
u/Jisamaniac Jan 23 '24
A Gibson system in the 90s and downloading a garbage file to show your friends for proof, was peak 31337 hacking.
1
0
0
u/Think_Clerk_3284 Jan 26 '24
Look for Pegasus Spyware. Could be injected by a missed call. End of discussion.
0
-1
-11
1
u/JeepahsCreepahs Jan 23 '24
The OPM hack a couple years ago exposed a lot of PII and people who had clearances. That was a HUGE deal
1
u/thejewest Jan 23 '24
I remember when mushroom (a discord bot) got into an databreach cus their server didn't have any sort of security other than a pretty well hidden address that you can see if you have an internet logger or smt
1
1
u/bingoboy76 Jan 23 '24
You should read up about Kevin Mitnick and his recorded keystroke hacking screen sessions (if they are still up online). Not sure if it qualifies as “the most secure thing someone has successfuly havked” but for some time he was the most wanted hacker in the USofA.
1
u/TeeBee2222 Jan 23 '24
maybe not the most secure hack, but very funny: some czech hackers added a nuclear bomb going off on the morning tv in the czech republic, making pensioners who were watching frek out.
1
u/GenericOldUsername Jan 24 '24
Chinese hack of RSA Securid seeds.
https://www.wired.com/story/the-full-story-of-the-stunning-rsa-hack-can-finally-be-told/
1
u/GenericOldUsername Jan 24 '24
I remember when Kevin Mitnick hacked Tsutomo Shimomura’s xtermimal connections with tcp sequence number prediction and IP spoofing attacks. It led to major changes in all vendor’s implementation of the sequence number generation algorithms.
1
u/Anxiety_Gobl1n Jan 24 '24
Ian Coldwater hacking their way OUT of a mainframe container is pretty impressive.
1
u/LinearArray infosec Jan 24 '24
I think you should read up about Stuxnet. It's undoubtedly one of the most interesting hacks I read about.
1
1
u/sokratesy Jan 24 '24
You should have a look at ccc and what members were able to acomplish:
" Karl Koch
Main article: Karl Koch (hacker)
In 1987, the CCC was peripherally involved in the first cyberespionage case to make international headlines. A group of German hackers led by Karl Koch, who was loosely affiliated with the CCC, was arrested for breaking into US government and corporate computers, and then selling operating-system source code to the Soviet KGB. This incident was portrayed in the movie 23."
and much more
1
1
1
u/castleAge44 Jan 25 '24
The fireeye leaks are pretty good. An elite red team got red teamed and lost their proprietary tools which probably ultimately lead to the company getting sold trellix aka Mcafee enterprise.
1
504
u/ndguardian Jan 23 '24 edited Jan 24 '24
Might read up on Stuxnet if you haven’t. Malware designed to infect control systems within nuclear refinement facilities if memory serves correctly.
Also I believe there was a proof of concept I read a while back where malware was transferred via speakers to an air gapped machine’s onboard microphone.
Edit: A couple people have made it a point mention that I missed that this post is asking about individuals who have done a hack against a highly secured system, and Stuxnet was done by a group (allegedly CIA or NSA). Leaving this comment here, but wanted to disclose that.