Tag Archive for: teenage

The teenage hackers paid millions to expose corporations’ weak spots


The 19-year-old sat at his desk, eyes hooked on the screen. Displayed on it was a corporate-looking website. At a casual glance it was just another nondescript web page, perhaps a little sparser than the colourful social media platforms he might be expected to browse.

But the American teenager had in fact gained access to the TAT-14 submarine telecommunications cable system. In operation until December 2020, the vital global commerce conduit stretched for more than 9,500 miles between France, Germany, Denmark, the Netherlands, Britain and the US.

“I came across this one web server. And the title was super interesting. So I wanted to see if I could hack it,” says Corben Leo.

His method was shockingly simple: Leo navigated to a very specific web address and refreshed the page twice. Thanks to a hitherto undetected flaw, the website treated his computer as if he had logged in with an administrator account.

It gave him the same level of control as the owners of TAT-14, resting his fingers on the artery of transatlantic trade in March 2019. And nobody knew he was there.

Leo’s hack is just one among a global community of bug bounty researchers: ethical hackers who investigate companies’ web servers for security flaws – bugs – and then reveal their findings to the owners, usually in return for payment.

“I could add admin access to all of their accounts. I could manage them, I had access to all of the internal cable documentation,” says Leo. “Everything that had to do with the inner workings of the cable, how the cable was physically structured, their maintenance periods.”

Not yet old enough to even buy a beer at the time, he could have triggered stock market crashes, disrupted governments or sparked accusations of international espionage.

Instead, he says, “I reported it to the telecommunication company as part of their security programme.

“I didn’t try to do too much because it was an undersea cable. I was fearful of getting thrown at a CIA black site!”

A lucrative pastime

For the most highly skilled hackers, bug bounties can be a lucrative pastime. Leo, now aged 22, claims he has earned “close to a million dollars” from his research efforts. As a…

Source…

CPS Security Guard Charged with Sexually Assaulting Teenage Student – NBC Chicago


A Chicago Public Schools security guard has been charged with sexually assaulting a student on multiple occasions last year at a South Side high school.

Tywain Carter, 29, was held in lieu of posting $20,000 bond at a hearing Wednesday. Judge Mary Marubio noted that Carter was in a “position of trust or authority” over the alleged victim, the Chicago Sun-Times is reporting.

“You were a school security guard, this child was new to that school, and you used your position, as a security guard, as a way to have access to this child,” Marubio said.

Prosecutors said Carter had approached the student and the student’s mother, told them he was a security guard and promised to look after the teenager, who was newly enrolled.

Carter would sometimes be required to remove students from classrooms during the school day, and he told a teacher that he needed to remove the student to help “acclimate” the student to the new school, prosecutors said.

On “multiple occasions” last November and December, Carter took the student to a computer lab where the student was assaulted, prosecutors said.

In December, the student told their parents that Carter had been suspended from the school after another student made abuse allegations against Carter, prosecutors said. The teen then allegedly said they had also been the victim of abuse.

The student’s parents reported the allegations to police and school officials on Dec. 23, and Carter was suspended Jan. 6 after a disciplinary meeting with school personnel, according to prosecutors.

Carter was suspended in December while the district investigated, according to a CPS spokesman, who declined to say if the district had been notified of any other allegations against Carter.

“Chicago Public Schools (CPS) strives to foster safe and secure learning environments for our students, families, and colleagues. Our schools and the District investigate and address all complaints and allegations of wrongdoing in accordance with District policies and procedures,” the spokesman said.

The student was interviewed at the Chicago Children’s Advocacy Center the next day and identified Carter, who was placed into custody on…

Source…

Teenage TalkTalk hacker accused of $800,000 cryptocurrency theft in the United States

Elliott Gunton – aka “Glubz” – is charged in relation to the December 2017 security breach of cryptocurrency exchange EtherDelta.

Graham Cluley