In 2016, a hacker who called himself/herself 'The Doctor', but was given the nickname 'The Janit0r', destroyed over 10 million internet-connected home devices, including 60,000 Indian home internet routers, and made them completely unusable. Thanos would have blushed with a move like THAT!
'The Doctor', in a letter admitting guilt written to a news outlet, called it 'Internet Chemotherapy'. 'The Doctor' used what is called a Phlashing attack, also known as Permanent Denial of Service (PDoS), where the attacker runs malicious code on a device and causes irreparable damage, rendering the device completely unusable (also called 'bricking a device', since it can only be used as a brick or paperweight afterwards). His motivation was to take poorly designed, insecure home devices off the internet before a more malicious hacker compromised them and used those same devices as weapons in a larger attack on the internet! But he didn't stop there. He released the source code to his malware, and soon it ran wild among people with far more malicious intent, and many variants sprouted. Do you call 'The Doctor' a hacker? A vigilante? Irresponsible? Ethical or unethical? And what about the makers of these home internet devices who continue to sell devices with known vulnerabilities? The debate continues as the number of devices in our homes increases exponentially!
Hackers have figured out how to install malware behind those free USB charging stations in airports, malls, etc. It is perfect for them: they install the malicious USB once and people walk over to get hacked! Hackers call it 'Juice Jacking'. It is a big enough issue that the FBI and FCC have issued warnings about it. Juice jacking has been around since at least 2011, and major phone manufacturers have built in protections since then that require user permission for data transfer or software installs. But jailbroken phones and other devices, such as handheld gaming systems or devices from lesser-known vendors, could still be vulnerable.
Why are there so many weather apps out there? Some even require you to pay for them. They are all selling data from the National Weather Service that is free anyway. Weather apps capture your geolocation. But why do they need access to your contact list, camera, microphone, your email and more? It is because they want your data. There are hundreds of weather apps on each of the top app stores, many operated by shady app developers looking to make a quick dime selling your data. Make sure to grant the app only the minimum privileges or access it requires. Always check the app developer's privacy policy to see what they do with your data.
Fool me once, shame on you. Fool me twice, shame on me! Imagine losing money in a crypto scam and then being targeted again by a scammer who promises to recover your money. Crypto recovery scams are now a thing. Read the FBI warning.
Are you using an old router that the manufacturer has issued an 'end-of-life' notice on? These are ripe targets for hackers to convert into botnets or, worse, to steal your data. Some old Zyxel routers are being actively targeted.
99.98% of Americans can be uniquely identified with just 15 characteristics, such as marital status, age and gender. The data broker industry trades over 1500 characteristics about each of us thousands of times a day across every app, device and website we use.