What Is The Most Interesting Attack Made On A Website?

While not specifically a website hack, probably the most impressive Internet-related hack I can think of was “Internet Census 2012”, performed by a security researcher/hacker who took over many, many embedded devices in order to create what may have been the most detailed map of the Internet up to that date. The distribution of the affected devices looked like this:

The effort was simple yet breathtaking. Many Internet-enabled devices such as routers, uninterruptible power supplies, printers, and more esoteric gadgets support a remote command shell and are left with default passwords (or no passwords) in their final deployment. The person behind this effort harnessed them into a botnet, but unlike most botnets, which are often used for spamming or Distributed Denial of Service (DDoS) attacks, these were used to send probes that were heard around the world, creating maps of Internet topography, including this one:

All in all, the botnet involved spanned over 420,000 devices, and this wasn’t even the upper limit to the number which could have been taken over. When they were done, the researcher quietly deleted his or her code from the affected systems, left them intact with the passwords unchanged, published their work, and went about their business.

They could have just as easily used this resource for any number of malicious and/or self-enriching purposes. Instead, they were satisfied by performing valuable research which might not have been possible any other way. I understand that some people might have ethical problems with the way the research was conducted – it was, after all, unarguably illegal – but I have to have respect for someone who, given a choice, does a productive thing instead of a self-interested or harmful one.

You can read more about the methodology and findings which resulted, at: Internet Census 2012.

Source: Forbes
