British teen from the Lapsus$ gang hacks GTA 6 details in a small town hotel room using an Amazon Fire Stick. Despite compromising British telcos, he’s exposed, caught by authorities, and leaks GTA 6 footage after using the Fire Stick to access cloud services and breach organizations. The tale highlights untapped talent and lack of support in his education system.
Also highlights the fact that government agencies are doing Rockstar’s dirty work. Think you’ll ever see this level of investigation for someone’s account hacked for nudes or identity theft? Nope, only corpos worth multi-billions get expensive, in depth investigations paid for by tax dollars.
The kid also stole 14m dollars and was already caught for his previous hacks into other companies.
The NSA has no idea whatever do you mean. /s
I’m not sure what you’re getting at. He broke the law, the government investigates and enforces the law.
What do you expect to happen? Should the government not investigate crimes against corporations? Should corporations be required to pay for the government investigation into a crime perpetrated against them?
Seems like pretty quickly the governments would only be incentivized to investigate financial crimes against corporations.
Seems like a worse pay-to-play scheme than the alleged thing you’re mad about.
Good tldr
The story is more interesting than the title suggests! This guy was arrested for hacking two telecom companies, got released under investigation, then immediately hacked Nvidia before being put under house arrest. After that, he was relocated to a hotel (due to being doxxed) where all he had to work with was a Fire TV stick, which he promptly then used to hack Rockstar.
All in all, he’s believed to have stolen $14 million+. By the way… he’s 18, autistic, and enrolled in a special education school.
After that, he was relocated to a hotel (due to being doxxed) where all he had to work with was a Fire TV stick, which he promptly then used to hack Rockstar.
Fuckin’ bravo. I mean, don’t do that, but on a purely technical level - nice.
deleted by creator
Well, between getting doxxed and annihilating any chance he had at getting a lenient sentencing, the more sensible decision would have probably been to sit on his hands and bide time for a couple months lol.
Given he’s autistic, that’s probably actually impossible for him to do.
Well in that case I guess he’s been cursed by fate in an uncaring world 🤷
But at least we can punish him. Eh?
That’ll teach him for being congenitally neurodivergent.
And… I mean, a criminal.
I’m not commenting on the moral issues but laws exist and they were broken.
He didn’t just steal content. He then tried to blackmail the company to not release the content he stole.
Also, while you might be able to justify piracy of a released product in various ways (the common argument is that the would be pirate wouldn’t have paid for the product anyway and digital goods don’t have any cost to the developer from pirating them). But when the product hasn’t been released yet, then it has a much bigger cost because the pirated copy is the only option available and thus it can eat into actual sales. The inability to go through with their planned launch (something big publishers will spend millions hyping) and the release of an unfinished product can absolutely have financial damages. It’s hard to recover from a bad launch.
And that’s without getting into the fact that hackers like this don’t usually stop at just leaking video games or the likes. They’ll also often steal people’s personal information. It’s a lot easier to see the moral issues when it’s your information being stolen.
deleted by creator
There’s no ethical use of ransomware.
deploying Godwin’s Law
Oh yeah? What about ransomware-ing NAZI’s and Hitler?
Is that immoral?
Probably, since you’d have time travel, but not just shoot the bastards.
You’d also need to bring lots of computers with you and first convince the nazis to use them
If I’ve learnt anything from Indiana Jones, that won’t be a problem.
Time’s a circle, you shoot then out the window on the next pass.
<.< Ransomwareing putins computers?
deleted by creator
The fact he used a FireTV stick to hack Rockstar is pretty impressive lol
I’m guessing those things run Linux. So you would just need a shell.
Though I’m guessing term of his house arrest didn’t allow him to have a keyboard. That part has me curious.
They run Android, so not really standard Linux, but yeah.
Install an Android app that lets you ssh into something, bingo bango, you have a full Linux terminal
It says he used cloud services so probably only needed a web browser
bingo bango
what’s up with this phrase coming back into style?
So either a remote control or voice control.
Anyway, kid has too much time on his hands, lol.
The article or maybe the comments said he accessed a cloud based Linux service using the FireStick and went to work from there.
Rock, fire, stick… there’s a theme
Yeah, the theme is “Don’t underestimate Neanderthals, they’re pretty much the granddaddy of Homo sapiens”. Or in short, “primitive, not unintelligent”.
… what?
Da fuck…
Waiting for the movie btw 🍿.
Rain Man 2
Exploit boogaloo
Prior to reading your comment, I considered myself to be a skilled software developer.
It always warms my heart when a single person is able to outsmart large multi-million/billion dollar tech companies like Nvidia and Rockstar. Really shows how piss poor these companies security can be.
I would definitely look to hire that kid with a high wage just to make sure he doesn’t hacke me again, if I were one of the companies he hacked into. Companies should really think about trying to hire these hackers because then the threats against them might go down ever so slightly.
Counterpoint: he got caught. Whatever his offensive capabilities are, his security posture is evidently lacking. Recruiting a glass cannon like that might not work out if you’re looking for help with security hardening.
Counter-counterpoint: he could work as a pentester, where his sole purpose is to just break into things.
Leave the policy making and actual hardening to someone else.
Then comes the issue of a rogue pentester selling his clients zerodays into black market for crypto. Don’t know if the myth of being hired by government agencies is true.
I know nothing about anything but I definitely believe the government would do it. If anyone has the power to keep the hackers acting nice it’s the government. Especially if they write your paychecks.
I would definitely look to hire that kid with a high wage just to make sure he doesn’t hacke me again, if I were one of the companies he hacked into. Companies should really think about trying to hire these hackers because then the threats against them might go down ever so slightly.
I understand your thought, but some people just want to watch the world burn and you definitely don’t want to bring that sort inside.
This guy seems to be driven, capable and lacking the common sense to know when to stop.Its kind of inevitable, you know that meme about the overlap between the smartest bears and the dumbest tourists? Well the same is true for secure working practices and the dumbest/laziest employees. Any system too secure will also be enough of a pain in the ass that some people will start doing stupid shit that nullifies that security.
For others like me interested in the exact example; it’s about the difficulty of designing a trash can that smart bears cannot open and dumb tourists still can. You cannot create something too secure if you still want dumb people to use it as well, due to the overlap.
The quote is not really saying dumb people will break / nullify security, like I read in the above comment, but more that they just will not be able to operate it.
Companies should really think about trying to hire these hackers because then the threats against them might go down ever so slightly
some companies do.
I want this guy’s energy. Nothing could stop him!
If you’re autistic, the outside world is horrifying to you and technology is the only thing you care about, so that’s what you’ll eat, drink and breathe all the time. It’s not really about the energy, it’s about the environment and your ability or inability to tolerate certain aspects of it.
Jesus Christ, this man is a criminal Tony Starks
With the right education he could be the genius we need. Instead of prison he needs a decent mentor.
seriously, lets put this kid to good use.
This guy was arrested for hacking two telecom companies, got released under investigation, then immediately hacked Nvidia before being put under house arrest. After that, he was relocated to a hotel (due to being doxxed) where all he had to work with was a Fire TV stick, which he promptly then used to hack Rockstar.
All in all, he’s believed to have stolen $14 million+. By the way… he’s 18, autistic, and enrolled in a special education schoo
wild
Fucking legend
Seems like a person I like and would love to smoke a joint with, lol
This has to be a movie plot…
The story is more interesting than the title suggests! This guy was arrested for hacking two telecom companies, got released under investigation, then immediately hacked Nvidia before being put under house arrest. After that, he was relocated to a hotel (due to being doxxed) where all he had to work with was a Fire TV stick, which he promptly then used to hack Rockstar.
All in all, he’s believed to have stolen $14 million+. By the way… he’s 18, autistic, and enrolled in a special education school.
Heh Kid’s handle better be dr0id or some shit: “give me an android terminal and I’ll hack the world”
The Fed will offer this guy a job. He’s got a future.
Uh, have you ever seen a federal job application requirements?
#1: not a felon
That’s only for the plebs that apply through the normal means, not for savants whose skill balances the risk - they can put a few agents to track what this dude is doing, but its much harder to find another guy eith this much skill whos also not a felon.
Also this is all speculation ie I pulled it out of my ass but doesn’t it sound plausible?
It doesn’t sound like he’s been convicted of a crime yet…
I mean sure, if you’re the one applying. If they’re offering they can choose whatever the hell criteria they want.
Uhhhh so when’s that movie coming out? I’d watch the fuck outta that!
All in all, he’s believed to have stolen $14 million+. By the way… he’s 18, autistic, and enrolled in a special education school.
that kid’s my hero
This is a bit of a crossover ep between the movie Hackers and the DS9 ep where Julian basically got introduced to a group of obviously coded autistic anarchists.
I feel guilty now because I bought a new monitor because my old screen space wasn’t cutting it.
Removed by mod
He bought the fire stick from the shop right next to the hotel… how the heck did he get Linux on it? Or are they selling those bootleg fire sticks?
He used a rented server to hack Rockstar, the FireStick was merely a means to connect to it.
Was reading Hackaday’s source article on BBC and came across this:
That did not deter the duo who continued hacking with Lapsus$ and successfully breached Nvidia, a Silicon Valley tech giant that makes chips for artificial intelligence chatbots, in February 2022.
That’s a funny as fuck way of classifying Nvidia.
Sounds like something written by AI, ironically. That’s the most talked about thing for the moment, so that’s what it picks up on. It doesn’t care if it’s correct.
But it is correct now. Nvidia is making way more AI chips cards whatever then it is GPUs.
It’s not inaccurate though. They do make a AI chips.
They probably make more than than they do GPUs now. Which is depressing.
Gaming GPUs are now only a small part of their revenue.
Nvidia now cares more about AI than gamers, and people now know more about them because the AI chips they make, I have an Nvidia GPU, but I’m looking to get an AMD GPU (Also and intel ARC will also be fine because I upgrade my power supply), I dislike Nvidia a lot now.
I like the Arc series as a concept, because they’re the only value-driven option. Nvidia is just about pumping power and AMD is about trying cool gimmicks like dual clocks and chiplets.
Eventually I hope that the Arc series contributes to an Intel chiplet series similar to the APUs available on handhelds.
wait isnt the firestick like a chromecast? how does one even hack with that???
Its just android skinned
Its a computer. That’s all a hacker needs.
Firestick’s are just re-skinned android, which itself is a linux distro very basically. It’s not extremely difficult to get a working terminal that can install languages and packages like a normal linux distro. I think they even have OOTB support for keyboards/mice. That said, it’s a lot funnier to picture them sitting there with the remote like it’s super smash.
You can connect bluetooth devices to it and run a browser, command prompt, etc. I’m thinking he used that type of stuff through the firestick.
Even supports keyboard and mouse. Itd be annoying as hell to use, but be usable
(termux would give you like a full linux experience even)
It is nothing more than an internet connected terminal. Once you’re logged in to a server, the firestick is only sending/receiving small chunks of text.
The moment of excitement in one’s hometown and the sensationalist reporting aside, we can’t help feeling sad that a teen with that level of talent evidently wasn’t given the support and encouragement by Oxfordshire’s education system necessary to put it to better use.
What a weird conclusion for the author to draw
How so? Someone needs to hire this kid, he sounds like he has a lot of potential.
I don’t know enough about this kid from the article to argue that he’s not highly skilled.
It’s still a weird tangent though and reductive to blame the school system, when he doesn’t even present any evidence that this was caused by some failing of the schools. Maybe you’ve been following this and can provide more context, but this context wasn’t presented in the article.
he doesn’t even present any evidence that this was caused by some failing of the schools
The cynicism I’ve gained over the last 7 years tells me that there’s an agenda being pushed there.
EDIT: To elaborate. I’m not arguing whether “the agenda” the author has is good or bad, but it’s off-base. If you’re reporting on a story, you really should leave your feelings about the story at the door. It’s not like the story isn’t interesting enough! If this were an op-ed, then that’s one thing. But the “sensationalist reporting aside” and “we can’t help feeling sad” and then pointing to… the UK’s education system… it’s clearly not objective. You’re not presenting facts and facts alone, you’re presenting facts with your opinions mixed in.
Just look at what the author invited into his comment section with that:
Not enough male teachers for these lads to confide in and see as role models.
Blatant sexism.
Yes, keep male teachers who are not woke away from kids.
Groomer accusations.
If I had to guess I would pick serious mental illness rather than a failing by the schools.
Disparaging of neurodivergence (neurodiversity? IDK if that’s still the right term). Hacking into companies and bragging about it is something even neurotypical teenagers do.
bigfoot, the loch ness monster, a functional education system. list of things that don’t exist.
Anti-education screed.
As for the energy, I suspect actually getting laid, probably for the first time, would likely help.
Do I even need to say anything about this one?
You’re not presenting facts and facts alone, you’re presenting facts with your opinions mixed in.
Yes, that’s because they aren’t doing any reporting. It’s commentary. That’s the point of it. The actual news they’re commentating is this article by the BBC. It’s Hackaday, not Reuters.
I suspect our schools are failing us if we don’t even know how journalism works.
I don’t think it’s an agenda, I think it’s just poorly delivered. The facts are:
-
Teen hacks corps using a Fire Stick.
-
Teen has done something novel with proprietary hardware.
I think it’s safe to assume that he’s intelligent and creative based on those two things. With proper guidance from the right kinds of people (including parents), someone like that could eventually put those talents to use on someone’s Red Team, or working with an intelligence agency, rather than doing something illegal to stretch their wings (fuck big corporations, but the law is what it is).
I don’t think it’s unreasonable to note that his talents will be wasted by grinding him down in the justice system.
Agreed on all. I just wish that Hackaday presented those points as well as you did, and followed up on them with, for example, criminal justice experts, psychiatrists, educators, etc. The article has none of these, it doesn’t gather supporting evidence to make an informed opinion, it basically reads like a very long tweet.
-
This article might help shine some light on some questions.
You caught a lot of downvotes on the original post, but it is reductive. I pretty sane conclusion but educational support probably isn’t the only culprit, issues like this are multilayered and not so cut and dry.
Never thought I’d see a worse usage of downvotes than on Reddit, but here we are lol. The amount of knee jerk opinions, reactions, and downvoting is surprising
Yes, but kids that age like video games and will push boundaries. So I doubt even the best education could have prevented that.
To hackers hacking is far more fun than anything some school/uni/employer can come up with (until they’re old enough and realize a criminal record isn’t worth it).
There are career hackers. Pen testing and white hat hacking is very much a thing. I’ve been in software for two decades, some of the most talented people I’ve worked with had similar back stories.
I wouldn’t trust this kid with my wifi password.
I’d trust him to recover my WiFi password after I’ve forgotten it
Technically he’s an adult. Still has a childlike underdeveloped prefrontal cortex mind you. Not very smart.
They’re a kid and clearly have a passion for computers and technology which could have been tapped for the greater good - the UK is desperate for more people to enter the cybersecurity industry (but not like this). Sadly there are so few teachers left with any passion let alone expertise in computer science, the kid didn’t stand a chance.
deleted by creator
Like in the documentary Swordfish
Perhaps but it can also be very much against them. I worked at a huge UK cybersecurity org and if you had any prior malicious or computer misuse past, you would get rejected. Given how small the UK is, even tiny orgs can be connected to government or public sector meaning they won’t want anyone on the books with a questionable past.
Hopefully that becomes more nuanced with time. Did you hack your school? Or an unrelated entity? What color hat, grey or black? Last known activity? Age of the person at the time?
All questions that need answers presented alongside any history of misuse.
Honestly I can’t imagine that’s a tenable position to take long term. We’ve seen the U.S. govt rethink it’s approach to IT after it was pointed out their failure to intice applicants was a result of stupidly strict Drug Policy and Dress Code. Who knew that a large segment of the IT field don’t like Business Casual and like to smoke weed? Who knew that people drawn to CyberSecurity are likely to have dabbled on the other side of the line prior to making a career out of it?
deleted by creator
Steal a couple thousands with identity fraud and account hacking? Jail time, no jobs that need cybersec clearance will touch you with a ten foot pole.
Steal millions+ from multiple large corpos with dedicated cybersec, and you’ll be getting offers out the wazoo, but you’ll be rejecting them because you’re already working for some think tank attached to the NSA.
Source: I made it up
Dunno why you’re getting so many downvotes… Even if someone disagrees, it’s a pretty reasonable thing to say.
Plus IMO it is kind of a non sequitur to say “if only the schools were better,” as though his motivations could have been satisfied with better homework assignments, lol.
I’m blessed by being on an instance that disables downvotes, so I hadn’t even noticed haha
fwiw I agree with you in that for the author to include this in their article is pretty weird. At some point it transformed from reporting into an op-ed.
Someone elsewhere in this thread mentioned that it is intended as commentary on another article, but even so, the author doesn’t present what facts or other bits of evidence lead her to believe this can be attributed to a failure of the schools, which makes it even weirder as a commentary.
Indeed. Make of this what you will (anecdotal) but I can say with some certainty that I did some shady things in my younger years that could not be attributed to any parental or societal shortcomings.
Technically impressive but also fuck this kid for all his counts of spreading ransomware and stealing user data to hack their accounts too.
power to the people right on
Has anyone seen where to check the footage out?? Looks like it’s all been DMCA’d from the majority of the web… I’m not a huge GTA Stan but I kinda wanna see what got leaked!
IIRC it looked a lot like GTA V with some debugging info added. Most changes seem to be under-the-hood.
It did look very similar to GTA V, but it’s also worth noting that pretty much all of the footage was from very early production. It’s likely that they were using less detailed character/world models for testing purposes. I imagine the game will look pretty damn good and modern once the proper lighting and textures are applied.
Ultimately I don’t remember anything incredibly interesting from the videos I saw outside of a couple of story beats revolving around the new main characters. It seemed like most of the videos were pretty much testing certain console and systems at non-specified points in game.
Games can be pretty late in development and not look very good, when you see gameplay demos and whatnot in development games is almost always snowflake examples that they bring up to a “gold” standard just for the demo, which is often why they can drastically change prior to release (see halo 2). From the footage of this I’ve seen it was footage recorded from someone in some QA capacity role trying to show an issue to a developer, so it was absolutely one of the most in development looks you could possibly have, any visuals were essentially fluff at that level of development. They probably have a pretty good idea of what the finished product will look like, but there’s really no reason to put that into a version of the game that’s just testing AI.
It isn’t very interesting because it’s just a bunch of internal videos that people sent to each other for various reasons. And it’s all out of context because the context would have been provided in an email but we don’t ever see.
Sometimes I’m not sure what some of the footage is trying to demonstrate.
Also most of the animation stuff isn’t complete yet and the AI, at least in the videos I saw was brain dead. So it’s not really representative of the final product and it doesn’t really look like anything.
Never underestimate a kid with free time
Removed by mod
Wonderful
deleted by creator