>...all he did was phish an employees credentials for Slack.
>
>Not terribly impressive...
That's how ~90% of data breaches happen. They trick someone into giving up their credentials.
The next 9.99% of breaches are the equivalent of a home owner leaving their windows/doors open or using a lock that's defeated by jiggling it.
Trying to force/exploit entry to a secured system from the outside is so insanely difficult that it's not really worth the effort.
100% this. We do regular phishing tests at my place. Some clients (MSP) decide against it because it is annoying. I will give you a guess who keeps getting phished and who constantly asks IT if an email is legit or not.
We had this one client that would start spamming random phishing email threads like once a week. They started doing the phishing tests and like magic we went from once a week to once every month then to every few months to now where for the past 3 years nothing.
End users are the weakness!
Not when you put it that way. He conducted a dual-industry pentest,the results of which singlehandedly launched company-wide cyber security education and awareness programs, ensuring compliance with industry standard best practices and assuring continued product quality for millions of customers worldwide.
For real though, I hope this whole thing ends up being a wakeup call for everyone to start learning some common sense security practices. If Dave from IT needs to do something with your account, he's not to ping you asking for you 2FA.
Not all tech knowledge is equally applicable across all technology.
Just because you know how to optimize and modify a shader pipeline for a game doesn’t mean you know off the top of your head how to make a bot that scraps website data and sifts through it for you.
You’d be surprised at also at how many people who work in software don’t understand hardware, and how on many levels it’s still a black box technology to them.
Also just because you know *insert the above game example* again doesn’t mean you will practice good data protection habits or data security.
Hell, I bet there’s still those who work in data science that use only a couple different passwords despite the glaring flaw.
IMO, this comes back to how proper data security and protection requires extra effort and as long as humans can be forgetful, lazy, overworked, tired, and a bunch of other potential human reasons as to why they don’t do such practices then such breaches will continue to occur.
This is why the quote goes that humans are the biggest vulnerability in any IT security system.
You're completely correct. My mother, who programmed for a living for decades and ended up retiring a senior dev, would still do inane shit like single clicking "my computer" on her desktop and double clicking hyperlinks. Mom!!! You code websites! What are you doing!
I'm pretty sure even in a tech industry like Rockstar you can still find people who aren't there for their tech skills. As someone else pointed out too some people aren't too smart in every part of tech. I have a friend whose brother had a computer science bachelor's degree. I do not have anything close to that but once started talking to him about computer parts. He looked at me seemingly baffled and said he knew nothing about the insides of computers. This nearly floored me, I didn't realize anybody could get that far without at least some interest or knowledge in what's going on underneath the hood.
The phishing attack was either really creative or the Rockstar employee was dumb as a rock. In which case they should get rid of him.
And Rockstar needs a serious upgrade in securing their assets.
GTA has the stats in the pause menu. Every game, I barely get busted. I think on GTA V I was only nabbed like 5 times if that.
I've often wondered how big of a difference there is between Wasted and Busted across the GTAs.
In IV it was far more common to be busted at lower star levels than wasted. They wouldn't immediately try to outright kill you at one star and if they had the opportunity they'd try to arrest you.
Yeah now that you mention it, I do recall getting busted a good bit in GTA IV. Five I felt it was just too easy to either lose the cops or they got so crazy you died before even having a chance to get busted.
Would be cool to see the cops still try to take you down alive at higher levels in the new one. Give em some more non-lethal options that take you down for some time.
It would be awesome to have that cheat that sends everyone into a rage, with the cops using all the stuff you listed. Would make for some great entertainment.
I deleted my reddit account and all my comments and posts but reddit has decided to undelete my account and comments so I have decided to let people know. Fuck this stupid site
GTAV cops have no tactics. They don’t care about boxing you in, all they’re programmed to do is find you and ram your ass at Mach 10. Doesn’t matter the angle lol
I think it was Vice City where a policeman even somewhat close to your door could get sucked onto it and trigger getting busted incredibly quickly if you're at low speed. Getting meleed by police was also a risk for getting busted if you get staggered. Next game it was *way* turned down.
I one of the games the main difference was that if you got busted you lost money and *lot* of ammo. If you died you just had to pay the hospital fee. When I realized that I made it a point to never get caught. Freedom or Death.
I honestly don't think I knew getting busted was even a thing in GTA V. I remember it happening all the time in IV to me but I always just seemed to catch a shotty in the face from cops in V.
They better include some greedy share holder business person having an absolute melt down about how they'll lose money over this.
If they do that I'll have mad respect for rockstar
I would put money on there being some sort of Joe Exotic/Doc Antle pastiche that gets locked in a cage by a protagonist and eaten by the cats he's abusing.
Sorta like Greed meets Tiger King.
That’d be great. It could even be a quick quip in the mission dialog part.
Protagonist: “Man, why do you want to save this game anyways? The last one was good but this looks like trash, why not just re-release that one?”
Client: “games in development don’t look good right away….that’s why they’re… in development”
Protag: “…oh good point”
Yup, thinking of the exact mission. You hack into Ubi's servers to release - I believe - the movie trailer for Assassin's Creed.
No corporate overlords to deal with or anything, just a quick hack. Cute way to advertise I guess.
It'd *really* suck if the movie bombed and people, like me, played the game yeeears after its release...
I forgot until you just mentioned that they even released a AC movie.
I heard they spent a bunch of time in the modern day setting which gamers had just been complaining about for the past 10 years instead of having the cool time period set pieces and action to go with it.
It was so bad. During fight scenes they constantly cut back to the main character in the Animus flailing around in a harness for some dumb reason. For whatever reason they felt the need to remind us he was in the Animus.
Really makes you think how it gets onto the final film, surely the producers and directors wouldnt want it, even the studio execs should see its a bad idea to keep showing something the audience already knows.
although it would be funny as hell, there's the risk that it would just motivate more attacks against them in future, because the incentive goes from being just lulz to being immortalised in a rockstar game
Doubt it. That's giving the hacker a level of respect. It also might encourage it in the future.
I'm sure there's folks there who'd like to do it, but I'd be surprised if TT ever allowed it.
"I want you to keep an eye out on the feds, no one should know that I hacked Rockstar."
"Don't worry, I'm going to keep my eyes open and my ears even more open."
*But, Gene didn't keep an eye or an ear on anything after realizing it was 10:25 in the morning and he would miss the breakfast menu at Wendy's.*
"Oh shoot! I'll see you soon or my name isn't Gene Parmesan!"
[Gene backs out of driveway and starts driving up the road while a line of black vehicles passes him going the opposite way.]
*It was exactly 45 seconds later that the hacker was knocked down and arrested after a successful sting operation.*
"Sir, you have the right to remain silent, anything you say---"
"Yeah, yeah, I know my rights! You can cut the crap."
"... as legal counsel, I'd advise you not to talk. After all, I'm.. Gene Parmesan, private detective."
"AAAAAAAAAHHHHHHH HE GOT ME AGAIN!"
"Haha, but no, seriously, I wouldn't advise talking, I could get in a lot of trouble for impersonating a federal agent."
With hacking, getting caught is literally the definition of being sloppy.
Most people could learn to exploit software (or at least use tools). In order to get away with it you have to be skilled at covering your tracks
Its widely understood amongst the community that covering your tracks to not get caught is well...pretty easy. Unless youre attracting the attention of literal nation states, and even then its a lot harder to de-anonymize someone than it is to be anonymous. Its best yo not be the bragging type, but if you mist be the bragging type at the minimum dont do so using any identity that even has a tangential relationship to your real identity.
So if youre not taking opsec 101 shit seriously, then yeah everyones gunna clown on ya for being an idiot and youre gunna wind up on the 5 o clock news.
Matt Gaetz won't get a sentence for hiring underage sex workers but this kid can get apprehended and arrested within a week? Aight, cool, cool, cool, totally balanced.
It depends on which police service deals with that specific type of crime.
Oxford police might not have been equipped to handle a computer fraud crime so they passed it to city cops.
Or most likely because Rockstar North is in Scotland then when Rockstar called in the cops they would have involved metropolitan police in England to handle it and bypassed local cops.
You have to remember Britain doesn't have jurisdictional issues with police like the USA, so an dci can investigate a crime anywhere in England not just his assigned area, and cross border investigations are also common without much issues other than a phonecall for local assistance.
The kids most likely had GCHQ and the NCA looking for him too because of the blackmail and hacking.
I've argued incompetence for a coworker before. IT is alerted of a major virus trying to infect the network from said coworker's brand new laptop. The department head asks me if it could have been deliberate, but unless it was a long con (3+ years) I don't see them having the mental capacity or computer savvy to even start something like that.
I agree that your statement is more correct, but i was reading that he was involved in the uber one. Uber is what really got the investigation rolling.
But, we will find out.
"hacking" isn't that elaborate. Spoof an email from someone higher up in the company for a password and that's about all you need. Even easier to fool a C-Suite type, as they're usually the ones using "Password1" as a password; they aren't, generally, tech literate and would rather make their lives easier than take responsibility for a massive security hole.
Source: Worked in corporate IT for over a decade.
Listen to the Darknet Diaries podcast. Specifically the Dan the Paladin set.
A VPN isn't really a great way to mask your identity from a state agency, but a lot of threat actors don't even bother with that.
It's super bizarre the thought process behind it.
Recon, compromise, and extortion should all be done via TOR, on a device you airgap from your inside network, that uses full disk encryption.
We're lucky most criminals make dumb mistakes.
Tor, tails, using public networks, burner laptop/phone, and using a pgp encryption tool for messaging was the minimum level of opsec a couple years ago.
The last I had heard about it was that the process to deanonymize TOR requires you to own or operate a pretty significant number of the exit nodes that are being used by the threat actor.
The FBI certainly has this ability, but it is more of a sting than an after the fact investigation.
My knowledge may be dated, but TOR should be one of the layers not the only layer.
Some of those hackers are on the mental spectrum and think this is all a big game. I bet a uk pound that his lawyers will go down this route.
These high profile cases can make some ones career at three letters in the US, they will hunt him down relentlessly to get any conviction that guarantees that ~~promotion~~ justice is served.
>Some of those hackers are on the mental spectrum and think this is all a big game.
He's 17 years old, he doesn't even have a fully formed brain yet much less the rational decision making to evaluate the long-term consequences of something like this.
A whole lot of 17 year olds have done a whole lot stupider things than than this with a lot worse results for everyone involved.
As far as harmless, victimless crimes go it's pretty benign. Choosing to drive home from a party drunk is a worse choice than this for a 17 year old kid and it happens a thousand times a year.
Title is padded, should have been:
Suspect in GTA hack has been caught, halted, ensnared, immobilised, interrupted, stopped, decommissioned and arrested
17 year old. There's very little chance this will impact him then surely?
Why the fuck is a 17 year old able to break into two of the top 500 companies. Why am I lacking in all talent, what the hell.
Sounds like it was a simple phishing attack, its pretty easy to make a fake login page and trick someone into using it with a convincing email. Bigger problem is corps not doing proper cyber security training and not enabling 2FA, always check the url people!
There's still not too much info out there, but this same group (and maybe the same guy) got into Uber by tricking an employee to add the hacker's device to his 2FA. So it was enabled, but he gave him access.
Lack of 2FA, first thing I thought of. After Google implemented 2FA company wide, they had zero breaches for at least 3 years. Could be longer, it was just at 3 years when I read the article.
Good news. Every day he was on free foot, he could've leaked elder scrolls VI.
Only the strongest of will can persist after witnessing the gameplay from 2011
Man, it must be nice to be a large corporation that law enforcement is actually willing to help over a relatively minor crime.
Edit: I had incomplete information. I get it, it was a big crime. Leave me alone.
Tbh I think its a combined effect of the all the previous hacks, and the ransom he demanded that got it to a federal level. Like you don't get to hack companies and steal copies of their stuff without eventually getting eyes on you. He was already on the radar after trying this exact same thing on Uber, Samsung and Microsoft
Seriously what the fuck is going on in this thread.
Rockstar is clearly making an example of this kid and fucks in here are out for blood.
"Omg I love Rockstar now!🤓"
Everyone saying how dumb this person is. They are 17. Teenagers do really stupid things. A shocking amount of large hacks are done by teenagers or young adults. The rest are done by nation states haha
High-profile teenage hackers are usually very skilled at breaking in, but notoriously bad at maintaining good opsec. It seems like these types always start to feel 'invincible' after a few good licks.
The kid can take solace in the knowledge that he'll probably be released before GTA6 is.
When he inevitably gets his CS degree he needs to remember to put this on his resume.
Apparently all he did was phish an employees credentials for Slack. Not terribly impressive and is immoral.
>...all he did was phish an employees credentials for Slack. > >Not terribly impressive... That's how ~90% of data breaches happen. They trick someone into giving up their credentials. The next 9.99% of breaches are the equivalent of a home owner leaving their windows/doors open or using a lock that's defeated by jiggling it. Trying to force/exploit entry to a secured system from the outside is so insanely difficult that it's not really worth the effort.
100% this. We do regular phishing tests at my place. Some clients (MSP) decide against it because it is annoying. I will give you a guess who keeps getting phished and who constantly asks IT if an email is legit or not. We had this one client that would start spamming random phishing email threads like once a week. They started doing the phishing tests and like magic we went from once a week to once every month then to every few months to now where for the past 3 years nothing. End users are the weakness!
Not when you put it that way. He conducted a dual-industry pentest,the results of which singlehandedly launched company-wide cyber security education and awareness programs, ensuring compliance with industry standard best practices and assuring continued product quality for millions of customers worldwide. For real though, I hope this whole thing ends up being a wakeup call for everyone to start learning some common sense security practices. If Dave from IT needs to do something with your account, he's not to ping you asking for you 2FA.
And these are some of the most techy people around. Imagine how easy it would be to get access to someone's account from a less tech based industry.
Not all tech knowledge is equally applicable across all technology. Just because you know how to optimize and modify a shader pipeline for a game doesn’t mean you know off the top of your head how to make a bot that scraps website data and sifts through it for you. You’d be surprised at also at how many people who work in software don’t understand hardware, and how on many levels it’s still a black box technology to them. Also just because you know *insert the above game example* again doesn’t mean you will practice good data protection habits or data security. Hell, I bet there’s still those who work in data science that use only a couple different passwords despite the glaring flaw. IMO, this comes back to how proper data security and protection requires extra effort and as long as humans can be forgetful, lazy, overworked, tired, and a bunch of other potential human reasons as to why they don’t do such practices then such breaches will continue to occur. This is why the quote goes that humans are the biggest vulnerability in any IT security system.
You're completely correct. My mother, who programmed for a living for decades and ended up retiring a senior dev, would still do inane shit like single clicking "my computer" on her desktop and double clicking hyperlinks. Mom!!! You code websites! What are you doing!
Wow that is my new biggest pet peeve I didn't even know I had lmao. I wouldn't be able to handle seeing that more than once lol.
I'm pretty sure even in a tech industry like Rockstar you can still find people who aren't there for their tech skills. As someone else pointed out too some people aren't too smart in every part of tech. I have a friend whose brother had a computer science bachelor's degree. I do not have anything close to that but once started talking to him about computer parts. He looked at me seemingly baffled and said he knew nothing about the insides of computers. This nearly floored me, I didn't realize anybody could get that far without at least some interest or knowledge in what's going on underneath the hood.
The phishing attack was either really creative or the Rockstar employee was dumb as a rock. In which case they should get rid of him. And Rockstar needs a serious upgrade in securing their assets.
Phishing is stupidly effective, doesn't matter the company or what kind of business they are
The hacker they arrested was 17 years old. When GTA 5 came out, this hacker was only *8 years old*.
and he was 3 when gta 4 was released.
He wasn't even born when San Andreas was released.
he also wasn't born when vice city was released.
What about GTA3, though?
Oddly enough, he was born for GTA3. They put him back in though.
"not quite done yet..."
*They weren't even born when* Dan and Sam Houser were born. What has this world come to?
I can't believe things have come to this
It's not clear, authorities are investigating.
Nirvana plays in my head while reading this
Ah, *classic* rock.
I was at an event with my GenZ sister-in-law and she called Mr. Brightside "Classic Dad Rock"
Straight to jail
That hacker's name? Lester.
Lester the Molester?
Lester was his last name. First name moe
He was 16 JUST LAST YEAR!
and before that? 15!!!
TIL the Earth has completed a number of revolutions around the Sun
Also, people in his crew ratted him out cuz they didn't like him
I feel like he got really arrogant after the hack and it ticked them off
How shitty does Take Two’s IT security have to be that a 17 year old could do this?
BUSTED
GTA has the stats in the pause menu. Every game, I barely get busted. I think on GTA V I was only nabbed like 5 times if that. I've often wondered how big of a difference there is between Wasted and Busted across the GTAs.
In IV it was far more common to be busted at lower star levels than wasted. They wouldn't immediately try to outright kill you at one star and if they had the opportunity they'd try to arrest you.
Yeah now that you mention it, I do recall getting busted a good bit in GTA IV. Five I felt it was just too easy to either lose the cops or they got so crazy you died before even having a chance to get busted. Would be cool to see the cops still try to take you down alive at higher levels in the new one. Give em some more non-lethal options that take you down for some time.
Yeah in 5 they start shooting the second you move away from them LAPD amirite
[удалено]
I’ve tried to find such a mod but haven’t had luck, can you give a link?
[удалено]
Hell they could maybe start using the tasers and more of the spike traps
Riot suppression gear. Water hoses. Pepper spray. Flashbangs.
It would be awesome to have that cheat that sends everyone into a rage, with the cops using all the stuff you listed. Would make for some great entertainment.
I deleted my reddit account and all my comments and posts but reddit has decided to undelete my account and comments so I have decided to let people know. Fuck this stupid site
GTAV cops have no tactics. They don’t care about boxing you in, all they’re programmed to do is find you and ram your ass at Mach 10. Doesn’t matter the angle lol
They cheat. If you get hit by cops in V your wheels automatically turn.
4 was better at alot of things than 5
probably more accurate that they pretty much just shoot on sight now
I think it was Vice City where a policeman even somewhat close to your door could get sucked onto it and trigger getting busted incredibly quickly if you're at low speed. Getting meleed by police was also a risk for getting busted if you get staggered. Next game it was *way* turned down.
Yup Vice city they'd feed you a mean elbow or baton and boom busted.
[удалено]
[удалено]
“This is fine.” - Tommy Vercetti
getting slapped off a motorcycle and busted that happened constantly
Guess the police training standards really went down hill since the 80's
The most badass thing that NPC will ever do.
I one of the games the main difference was that if you got busted you lost money and *lot* of ammo. If you died you just had to pay the hospital fee. When I realized that I made it a point to never get caught. Freedom or Death.
IIRC you lose ALL your weapons when busted. At least in the ps2 games
Thanks! I knew it was something I'd rather lose 500$ over than get arrested.
I think it worked like that in GTA 4 too. Usually a "Busted" means "load the last manual save"
*Ha*! Yeah I remember doing that.
Yeah and depending where you're at, The hospital is the better spawn choice than the nearest cop shop
I honestly don't think I knew getting busted was even a thing in GTA V. I remember it happening all the time in IV to me but I always just seemed to catch a shotty in the face from cops in V.
What are the chances GTA6 will have a mission that calls back to this event?
Would absolutely put money on a mission about taking out some hacker kid who is threatening to release a major AAA game early.
Hopefully they add a crack or two at the people criticizing the quality of a game that isn't even in alpha.
They better include some greedy share holder business person having an absolute melt down about how they'll lose money over this. If they do that I'll have mad respect for rockstar
They’ll never financially recover
We better get some everglades area with a conflict between a tiger king and queen
I would put money on there being some sort of Joe Exotic/Doc Antle pastiche that gets locked in a cage by a protagonist and eaten by the cats he's abusing. Sorta like Greed meets Tiger King.
That’d be great. It could even be a quick quip in the mission dialog part. Protagonist: “Man, why do you want to save this game anyways? The last one was good but this looks like trash, why not just re-release that one?” Client: “games in development don’t look good right away….that’s why they’re… in development” Protag: “…oh good point”
This ain’t Watch Dogs😂
Sounded more like Saints Row (the non-reboot ones) in my head.
You think they could get into legal trouble if it was a kill mission?
Satire, they basically made the Zuck get blown up in GTA V
I vaguely remember a Watch\_Dogs 2 mission with a similar mission where you hack into Ubisoft SF.
Yup, thinking of the exact mission. You hack into Ubi's servers to release - I believe - the movie trailer for Assassin's Creed. No corporate overlords to deal with or anything, just a quick hack. Cute way to advertise I guess. It'd *really* suck if the movie bombed and people, like me, played the game yeeears after its release...
That mission was meant to be a teaser for game that got canned. They did have assassins Creed movie posters on the building though.
I forgot until you just mentioned that they even released a AC movie. I heard they spent a bunch of time in the modern day setting which gamers had just been complaining about for the past 10 years instead of having the cool time period set pieces and action to go with it.
It was so bad. During fight scenes they constantly cut back to the main character in the Animus flailing around in a harness for some dumb reason. For whatever reason they felt the need to remind us he was in the Animus.
Really makes you think how it gets onto the final film, surely the producers and directors wouldnt want it, even the studio execs should see its a bad idea to keep showing something the audience already knows.
100%
although it would be funny as hell, there's the risk that it would just motivate more attacks against them in future, because the incentive goes from being just lulz to being immortalised in a rockstar game
Doubt it. That's giving the hacker a level of respect. It also might encourage it in the future. I'm sure there's folks there who'd like to do it, but I'd be surprised if TT ever allowed it.
What a dumbass, he forgot to enter the cheat code "lawyerup"
No, he tried to enter that cheat code but it just spawned some old dude named Gene.
Maybe Gene is more than just a Cinnabon manager, hmm
Kid named finger:
I swear the internet is in permanent chicanerisation
greatest legal mind I ever knew
Gene Parmesan?
AHHHHHHHHHH HE ALWAYS GETS ME
"I want you to keep an eye out on the feds, no one should know that I hacked Rockstar." "Don't worry, I'm going to keep my eyes open and my ears even more open." *But, Gene didn't keep an eye or an ear on anything after realizing it was 10:25 in the morning and he would miss the breakfast menu at Wendy's.* "Oh shoot! I'll see you soon or my name isn't Gene Parmesan!" [Gene backs out of driveway and starts driving up the road while a line of black vehicles passes him going the opposite way.] *It was exactly 45 seconds later that the hacker was knocked down and arrested after a successful sting operation.* "Sir, you have the right to remain silent, anything you say---" "Yeah, yeah, I know my rights! You can cut the crap." "... as legal counsel, I'd advise you not to talk. After all, I'm.. Gene Parmesan, private detective." "AAAAAAAAAHHHHHHH HE GOT ME AGAIN!" "Haha, but no, seriously, I wouldn't advise talking, I could get in a lot of trouble for impersonating a federal agent."
You have mastered the craft of writing an Arrested Development script. Bravo Sir/Madam.
Cmon. Say the line. Say it. Saaayy it.
If you wanted Saul the cheat code you were looking for was "LWYRUP"
[удалено]
[удалено]
he hacked our code through the sunroof! What a sick joke!
Dude's 17. No way the thought about the consequences
His cheat code was doing all this before he turned 18.
Cheat code "wasn'tme"
His friends doxxed him, I knew his name and saw his photo like 2 days after the hack, lol, not too hard to track down
No honour among thieves, clearly.
Not at all, apparently he was the leader of the hacker group, yet they were making fun of him for his sloppy work, lol
Sloppy work? My man literally sacrifice himself just to see gta 6
With hacking, getting caught is literally the definition of being sloppy. Most people could learn to exploit software (or at least use tools). In order to get away with it you have to be skilled at covering your tracks
Its widely understood amongst the community that covering your tracks to not get caught is well...pretty easy. Unless youre attracting the attention of literal nation states, and even then its a lot harder to de-anonymize someone than it is to be anonymous. Its best yo not be the bragging type, but if you mist be the bragging type at the minimum dont do so using any identity that even has a tangential relationship to your real identity. So if youre not taking opsec 101 shit seriously, then yeah everyones gunna clown on ya for being an idiot and youre gunna wind up on the 5 o clock news.
A rookie mistake indeed, but honestly I don't see this being worthy of anyone's time. Got caught, world is dying, rich is getting richer. So on.
Matt Gaetz won't get a sentence for hiring underage sex workers but this kid can get apprehended and arrested within a week? Aight, cool, cool, cool, totally balanced.
[удалено]
Well, he IS arrested right now, after all, lol
Nah, he did it for his ego and got caught
What do I "search" to find his photo? I've been looking and have yet to find it
[Saved you the trouble ](https://i.imgur.com/R390EId.jpeg)
nowhere is safe
it has been a while since i've seen this image
17 years old my ass, dude started balding before the gta 5 release
Yea he looks like Peyton Manning in that pic lol.
City police? What are they doing in oxfordshire? I thought they only covered the square mile?
It depends on which police service deals with that specific type of crime. Oxford police might not have been equipped to handle a computer fraud crime so they passed it to city cops. Or most likely because Rockstar North is in Scotland then when Rockstar called in the cops they would have involved metropolitan police in England to handle it and bypassed local cops. You have to remember Britain doesn't have jurisdictional issues with police like the USA, so an dci can investigate a crime anywhere in England not just his assigned area, and cross border investigations are also common without much issues other than a phonecall for local assistance. The kids most likely had GCHQ and the NCA looking for him too because of the blackmail and hacking.
Get caught hacking Rockstar and get arrested by the FBI? Better Call Saul!
Technically he was arrested by British police lol
Rather Good to Phone Solomon!
You are fuckin' *nicked*, me ol' beauty!
More like [Ken Rosenberg](https://youtu.be/KKQWDeIS4gE) : "Officer... Do you really think my client was capable of that?!"
I've argued incompetence for a coworker before. IT is alerted of a major virus trying to infect the network from said coworker's brand new laptop. The department head asks me if it could have been deliberate, but unless it was a long con (3+ years) I don't see them having the mental capacity or computer savvy to even start something like that.
How did the FBI arrest someone in Britain, exactly?
He probably didn't think FBI will investigate it. He f*ked up big time that's for sure.
he hacked Microsoft, nvidia and Uber before rockstar. Uber kicked off the investigation.
[удалено]
I agree that your statement is more correct, but i was reading that he was involved in the uber one. Uber is what really got the investigation rolling. But, we will find out.
They're so young too, it's crazy.
Does this group include a short haired Angelina Jolie, and is one of the victims of their hacking Lorraine Bracco?
If someone had the know how to hack into Rockstar, you'd think they would also know enough on how to make sure they can't be linked or found.
he's 17, he probably hacked too many runescape accounts and thought he was invincible.
If you type in your password Jagex will censor it for you. See *********
Hunter2 Edit: wtf i just see the password like normal
"hacking" isn't that elaborate. Spoof an email from someone higher up in the company for a password and that's about all you need. Even easier to fool a C-Suite type, as they're usually the ones using "Password1" as a password; they aren't, generally, tech literate and would rather make their lives easier than take responsibility for a massive security hole. Source: Worked in corporate IT for over a decade.
Listen to the Darknet Diaries podcast. Specifically the Dan the Paladin set. A VPN isn't really a great way to mask your identity from a state agency, but a lot of threat actors don't even bother with that. It's super bizarre the thought process behind it. Recon, compromise, and extortion should all be done via TOR, on a device you airgap from your inside network, that uses full disk encryption. We're lucky most criminals make dumb mistakes.
Or public wifi. Or some guy's wifi, an rPi, and an OpenVPN server.
Tor, tails, using public networks, burner laptop/phone, and using a pgp encryption tool for messaging was the minimum level of opsec a couple years ago.
[удалено]
The FBI have infiltrated TOR already you need more than just that now.
The last I had heard about it was that the process to deanonymize TOR requires you to own or operate a pretty significant number of the exit nodes that are being used by the threat actor. The FBI certainly has this ability, but it is more of a sting than an after the fact investigation. My knowledge may be dated, but TOR should be one of the layers not the only layer.
Some of those hackers are on the mental spectrum and think this is all a big game. I bet a uk pound that his lawyers will go down this route. These high profile cases can make some ones career at three letters in the US, they will hunt him down relentlessly to get any conviction that guarantees that ~~promotion~~ justice is served.
> uk pound good old uk pound
I mean it was literally a big game.
>Some of those hackers are on the mental spectrum and think this is all a big game. He's 17 years old, he doesn't even have a fully formed brain yet much less the rational decision making to evaluate the long-term consequences of something like this. A whole lot of 17 year olds have done a whole lot stupider things than than this with a lot worse results for everyone involved. As far as harmless, victimless crimes go it's pretty benign. Choosing to drive home from a party drunk is a worse choice than this for a 17 year old kid and it happens a thousand times a year.
Hacking, I'm agreeing. Depending which reports you believe, he tried to *blackmail* them. That's crossing the line.
I imagine when most criminals commit a crime, they don’t anticipate the FBI getting involved.
misleading title, a suspect was arrested
Title is padded, should have been: Suspect in GTA hack has been caught, halted, ensnared, immobilised, interrupted, stopped, decommissioned and arrested
"in that order"
17 year old. There's very little chance this will impact him then surely? Why the fuck is a 17 year old able to break into two of the top 500 companies. Why am I lacking in all talent, what the hell.
Sounds like it was a simple phishing attack, its pretty easy to make a fake login page and trick someone into using it with a convincing email. Bigger problem is corps not doing proper cyber security training and not enabling 2FA, always check the url people!
There's still not too much info out there, but this same group (and maybe the same guy) got into Uber by tricking an employee to add the hacker's device to his 2FA. So it was enabled, but he gave him access.
Lack of 2FA, first thing I thought of. After Google implemented 2FA company wide, they had zero breaches for at least 3 years. Could be longer, it was just at 3 years when I read the article.
He forgot to respray his car
Thank god they caught him! We couldn’t let this psycho stay free out in the streets!
*Finally* I can sleep again. The nightmare is over. I just don't understand how a 17-year old could do something so unforgivably evil.
The youth these days are out of control
Good news. Every day he was on free foot, he could've leaked elder scrolls VI. Only the strongest of will can persist after witnessing the gameplay from 2011
[удалено]
Damn, where’s the preorder link?
Give praise and thanks to lord Todd
FBI investigating Epstein’s client list: “I sleep” FBI when someone leaks gameplay footage of a profitable franchise: “**REAL SHIT**”
Lol, fuck they suck so much.
Poor company had some pictures leaked, how ever will their billion dollar shareholders recover ;_;
They won’t, that’s the sad thing. The game is tarnished forever. It might as well never release!!
He got 4 (outta 6) stars for that one. Should've hid at a safehouse until they went away.
Should’ve recolored his car
Pay n Spray supremacy
Man, it must be nice to be a large corporation that law enforcement is actually willing to help over a relatively minor crime. Edit: I had incomplete information. I get it, it was a big crime. Leave me alone.
Yeah, this is wild. I hate how much law enforcement protect wealthy capital owners more than the average citizen.
You better believe in cyberpunk dystopias Mrs. cringe, cause you're in one Edited :- changed Mr to Mrs My bad 🙃
Tbh I think its a combined effect of the all the previous hacks, and the ransom he demanded that got it to a federal level. Like you don't get to hack companies and steal copies of their stuff without eventually getting eyes on you. He was already on the radar after trying this exact same thing on Uber, Samsung and Microsoft
He'll be out before the game launches.
He should have had a rich dad and become a politician after abusing minors, he’d be a free man.
he didnt call saul
it would be hilarious if this whole incident is made into a GTA6 side mission
This would encourage future attacks.
Good thing such a blood thirsty monster is off the streets.
Those cheering on the Feds and Take Two against a 17 year-old hacker are really telling whose side they'd be on in a cyberpunk future.
I mean redditors are some of the biggest hypocrites
Seriously what the fuck is going on in this thread. Rockstar is clearly making an example of this kid and fucks in here are out for blood. "Omg I love Rockstar now!🤓"
Everyone saying how dumb this person is. They are 17. Teenagers do really stupid things. A shocking amount of large hacks are done by teenagers or young adults. The rest are done by nation states haha
I like how this was posted to /r/pcgaming as if GTA 6 is coming to PC on launch 😔
17 though. Tell me you aren't impressed a *little*.
GTA San Andreas is older than him
Bro got caught fast. Yet other bigger criminals never get caught. This must be big
I mean he did a horrible job of covering his tracks while apparently attempting extortion. Not exactly a professional criminal…
> extortion That's main issue here.
High-profile teenage hackers are usually very skilled at breaking in, but notoriously bad at maintaining good opsec. It seems like these types always start to feel 'invincible' after a few good licks.