Unsolved Cyber Mysteries Archives | Bugcrowd
https://www.bugcrowd.com/blog/category/cybersecurity-news/unsolved-cyber-mysteries/

Unsolved Cyber Mysteries Volume 3: Code Red
https://www.bugcrowd.com/blog/unsolved-cyber-mysteries-volume-3-code-red/
Thu, 30 Nov 2023 16:59:35 +0000

The post Unsolved Cyber Mysteries Volume 3: Code Red appeared first on Bugcrowd.

In this installment of Unsolved Cyber Mysteries, we dive deep into one of the most infamous worms in history—Code Red. Was it an experiment gone wrong or a carefully planned state-sponsored attack? This episode unravels the enigma that wreaked global havoc and brought top organizations to a grinding halt by exploiting vulnerabilities in Microsoft’s IIS software.

Code Red was a beast unlike any other we had seen before. It marked a shift in the threat landscape, demonstrating sophistication and purpose not seen in its predecessors. It wasn’t created out of benign curiosity; its code laid the foundation for future attacks.

Episode 3: Code Red

The worm’s name came from the then-new cherry-flavored Mountain Dew, which researchers Marc Maiffret and Ryan Permeh were drinking when they discovered it. More sinister speculation held that Code Red was retaliation for the Hainan Island incident, in which an American intelligence aircraft and a Chinese interceptor jet collided in mid-air, resulting in an international dispute between the United States and China.

Another theory centered on the infamous coding group 29A and a member called Wintermute. The group was known for creating sophisticated worms, so it wouldn’t have been beyond them to create something as complex as Code Red. However, the destructive nature of Code Red wasn’t in line with 29A’s usual creations, casting some doubt on this theory.

The attack’s origin also remains a topic of debate, with some pointing to Makati City, Philippines, and others to a university in Guangdong, China. Code Red’s code contained comments written in English, and its potential test environment was traced back to the Philippines. But without definitive evidence, we can only speculate.

Ultimately, the true origins and creators of Code Red remain shrouded in mystery. However, one thing is sure: it forever changed our understanding of the internet-connected world.

Love this series? Check out the Max Headroom signal hijacking incident or the WANK Worm.

Unsolved Cyber Mysteries Volume 2: The WANK Worm
https://www.bugcrowd.com/blog/unsolved-cyber-mysteries-volume-2-the-wank-worm/
Wed, 18 Oct 2023 13:00:46 +0000

The post Unsolved Cyber Mysteries Volume 2: The WANK Worm appeared first on Bugcrowd.

Welcome to another volume of Bugcrowd’s newest docuseries, Unsolved Cyber Mysteries. We hope you enjoyed our first volume covering the unsettling tale of the Max Headroom signal hijacking.

It’s time to join Bugcrowd Founder and CTO (Chief Terror Officer) Casey Ellis for another spooky episode about the original act of hacktivism.

Episode 2: WANK Worm

“Hacktivism” is a form of digital activism that leverages technological expertise to promote social or political change. It operates in a virtual realm, often employing tactics like website defacement or exposure of sensitive information. Hacktivism has become more prominent in the news cycle due to the collective known as Anonymous. Anonymous is a loosely organized group of individuals who engage in various forms of digital protest.

Before Anonymous and hacktivism were widely known, there was the iconic WANK Worm. The WANK Worm is a prime example of how hacking can be used to get a message across.

The story of WANK Worm begins in 1989, during a year of particular political unrest. Between the Berlin Wall and the Tiananmen Square massacre, many activists were making their voices heard. 

One of the many controversial events of the year was the planned launch of NASA’s Galileo Probe. This was controversial because many saw the plutonium-powered satellite as the first step toward the nuclearization of space. Two days before the mission launched, NASA employees showed up to work to find a bizarre message popping up on their screens. 

“Your system has been officially WANKed.” 

Watch this episode to find out what happened with this giggle-inducing worm, the impact it had on NASA, and the daunting risks and costs of hacktivism.

Introducing Unsolved Cyber Mysteries and the Case of the Max Headroom Signal Hijacking
https://www.bugcrowd.com/blog/introducing-unsolved-cyber-mysteries-and-the-case-of-the-max-headroom-signal-hijacking/
Fri, 06 Oct 2023 13:00:14 +0000

The post Introducing Unsolved Cyber Mysteries and the Case of the Max Headroom Signal Hijacking appeared first on Bugcrowd.

Happy October AKA Cybersecurity Awareness Month. It’s no coincidence that Cybersecurity Awareness Month happens during the spookiest time of year…the vulnerabilities that lie in the shadows can have some seriously haunting consequences. 

To celebrate, we’re excited to launch Bugcrowd’s brand new series, Unsolved Cyber Mysteries. Unsolved Cyber Mysteries is a micro docuseries that retells the real stories of everyday people who were swept up in extraordinary breaches, unexplained leaks, and outbreaks of sensitive data. This hair-raising series, hosted by Bugcrowd Founder and CTO (Chief Terror Officer) Casey Ellis, unites security practitioners and true crime junkies in the astounding, creepy, and downright terrifying stories of cybersecurity gone wrong. 

Episode 1: The Max Headroom Signal Hijacking

The year was 1987. The Simpsons just premiered on The Tracey Ullman Show, U.S. President Ronald Reagan delivered his famous speech at the Berlin Wall, and Guns N’ Roses released their career-making debut album. 

On the evening of November 22, Chicago locals tuned into WGN-TV’s 9 O’clock news. Just as WGN Sports Anchor Dan Roan began discussing the Chicago Bears’ win against the Detroit Lions at Soldier Field earlier that day, TV screens everywhere suddenly went black for 10 seconds.

An unknown person in a Max Headroom mask appeared on screen for approximately 30 seconds, accompanied by the eerie noise of static. For those who don’t know, Max Headroom is a fictional character who debuted in 1985 in the movie Max Headroom: 20 Minutes into the Future.

The person in the mask appeared to be dancing in front of a swaying metal background. WGN engineers initially thwarted the attack by changing the studio-to-transmitter frequency used to transmit the broadcast signal. The total interruption lasted 33 seconds and left viewers, sound engineers, and broadcasters alike flummoxed. 

About two hours later during an episode of Dr. Who, airing on the WTTW network, the Max impersonator showed up again. This time, the video clip had sound. Viewers heard distorted audio of the hacker speaking and singing, although most of the statements were random and seemingly inexplicable, like quoting New Coke’s advertising slogan, “catch the wave.” 

Unfortunately, this hijack was less G-rated than the WGN one. Instead of just dancing, the Max impersonator raised the stakes, holding up a middle finger, exposing their rear end, and showing themselves getting spanked with a flyswatter. This intrusion lasted longer, for about 1 minute and 22 seconds.

Feeling mystified? So was the rest of Chicago (and the world). Don’t miss the first episode of Unsolved Cyber Mysteries to learn more about this hijack, the reaction, explanations of possible motivations, and a breakdown of the impact. 
