this post was submitted on 13 Mar 2025
15 points (100.0% liked)

[–] el_muerte@lemm.ee 8 points 22 hours ago (1 children)

Stuxnet was pretty wild. Used four zero-day Windows exploits to pretty much guarantee infection, propagated itself onto other computers on the network, and then did nothing unless it detected its host was running Siemens Step7 software connected to a PLC driving centrifuges within a specific range of frequencies specific to uranium enrichment, at which point it would start fucking with the centrifuge speeds to impede enrichment and drastically increase wear while displaying normal readings on operator stations. It was estimated to have destroyed as much as one fifth of Iran's uranium centrifuges.

[–] Blaze@discuss.tchncs.de 1 points 22 hours ago

Wild indeed

[–] DarkFuture@lemmy.world 4 points 21 hours ago

The answer is Stuxnet.

Read up. It's insane.

[–] swizzelmuppet@feddit.org 4 points 1 day ago

I really 'like' the usb-cables with all sorts of integrated goodies.

Like a payload deployment, wireless transmission and self-destruction. All while data and power delivery work flawlessly.

Like this. https://shop.hak5.org/products/omg-cable

[–] toadjones79@lemm.ee 5 points 1 day ago

Lots of penetration testing stories on YouTube. Not exactly cyber security, but it was still solved with basic cyber security updates (and a few physical ones). I remember one where they just physically waited for six hours in an elevator they turned off with a key they bought on eBay for $5 after putting up an "out of order" sign on the door. Then, when everyone had gone home for the night, they came out and went to the server room and hacked their way through the entire system. They were pros paid by that company to find security holes, and they earned their pay that day.

[–] nsrxn@lemmy.dbzer0.com 4 points 1 day ago

stuxnet was pretty cray. and the stratfor hack.

[–] slazer2au@lemmy.world 4 points 1 day ago

EternalBlue has to be up there. Triggering 3 bugs in SMB to allow arbitrary code execution on an unpatched system.

I hope the NSA person responsible for chaining those got a good bonus, but like any government employee I doubt they did.

[–] SpaceNoodle@lemmy.world 3 points 1 day ago (1 children)
[–] Blaze@discuss.tchncs.de 2 points 1 day ago

Well, usually that stuff is reported in detail after the fact