Hacking is serious business these days: There’s always another attack that might have stolen your online information, another device that may be spying on you, or another vulnerability that you have to watch out for until it gets patched. That’s no fun.
That makes it easy to forget the first hacks were jokes and pranks, invented by coders looking to push a computer to its limit. While most of the world has forgotten that, some still hack with a more lighthearted approach. Here’s what happens when digital attacks get silly.
Sometimes the simplest hacks are the best. Take this 2014 hack of traffic warning signs—which are programmed with basic warnings about serious traffic issues or repair ahead. This hack replaced the warning on a San Francisco sign with, “Godzilla Attack! Turn Back!”
Interestingly, this coincided with other traffic sign attacks on the other side of the country, so we’re guessing someone was passing along an easy way to break traffic software security. State and federal agencies heaved heavy sighs, and put the signs on a long, long list of, “Things way overdue for security upgrades.” But we’re giving this prank extra points, because it was relatively harmless and probably made the drive home more enjoyable. It also spawned a series of amusing copy-cat road sign hacks.
Thunderstruck first made digital waves when Iran scientists were apparently hacked in 2012 to play the song from their computers. It’s not certain if the hack did anything else, but the story got out and quickly captured the hearts of hackers everywhere.
Naturally, the song kept on appearing, first in 2013 as an example of how someone could theoretically hack Thunderstruck into a device with the right PowerShell code (and how to prevent stuff like that). Not everyone was paying attention.
Then came the infamous Ashley Madison hack of 2015, when millions of users had their very sensitive illicit hook-up data stolen, and employees found Thunderstruck playing from their computers. At this point, it’s become something of a trademark, and we have no doubt the song will appear in future hacks as well.
The Lizard Squad was a hacking group that fulfilled the fantasies of every teen hacker on the planet (well, some of the fantasies) when it made headlines for successfully hacking famed PC manufacturer Lenovo.
Using a basic DNS redirect trick, Lizard Squad caused the Lenovo website to redirect to a slideshow of teen hackers nonchalantly posing in front of their webcams, set to the dulcet tunes of Breaking Free from the High School Musical Movie.
This was extremely embarrassing for Lenovo, especially since this came so soon after the company sold laptops pre-infected with the Superfish malware. At least Lizard Squad didn’t destroy data or infect personal computers (although they did spy on a few emails during the hack).
When Bitcoin was first making the rounds as the cryptocurrency to revolutionize the world, everyone had an opinion about it. Dozens and dozens of sites sprang up to offer Bitcoin services, advice, and discussion. Naturally, hackers took advantage of the situation and had a little fun.
Don’t worry. No Bitcoins were harmed during the hack. Instead, the popular Bitcointalk.org forums were taken over and replaced with multiple ads and site redirects for something called Cosbycoin. And yes, they did use old images and advertisements featuring Bill Cosby.
Of course, Cosbycoin never existed, although it quickly became a meme among cryptocurrency fans to describe useless or nonexistent “coin” projects. Given Cosby’s current reputation, this 2011 joke is a bit darker in hindsight – but on the plus side, it did raise important questions about internet security and how much people could trust the cryptocurrency trend.
Twitter hacks happen all the time. Back in 2013, though, Twitter hacks weren’t quite as common, and we hadn’t become desensitized to brands dealing with Twitter snafus. The hack of Burger King’s Twitter was big news – especially when it was turned into McDonald’s.
The hackers, not content with plastering unpleasant tweets all over the Burger King feed, also announced that Burger King was sold to McDonald’s “because the whopper flopped,” and even changed the logo to that of McDonald’s.
It was a prime example of the havoc that hackers could create on social media just by getting the right access information. Today, Twitter feeds like Burger King and Wendy’s are known for being particularly witty, well guarded, and fast-moving.
The r/gaming subreddit is one of the most popular of all Reddit forums, collecting all the news and memes that gaming can produce. Back in 2014, r/gaming moderators woke to find that the subreddit had been hacked by the Nigerian Electronic Army, an outfit known in those days for creating chaos on Reddit and hacking game-related sites.
The r/gaming hack was the NEA’s greatest triumph, and they didn’t waste it. They removed the ability to submit content and replaced everything with a black background and single line of text stating “Half Life 3 is confirmed.” Fans have been expecting an announcement regarding Half-Life 3 for over a decade, but one has yet to materialize.
Of course, if any gamers were hopeful enough to click on the announcement, it just took them to the NEA website. Low blow, guys.
This is an oldie, but easily one of the most famous hacks in history, and definitely among the strangest.
Invented in the 1980s, Max Headroom was a sentient yellow AI introduced first in a cyberpunk movie called Max Headroom: 20 Minutes Into The Future. His unique appearance and unusual electronic voice made him a cult icon, and the character became a pop culture icon for several years. He was even the spokesperson for New Coke.
On November 22, 1987, a man in a Max Headroom mask started taking over TV channels. He interrupted broadcasts, made fun of Dr. Who, insulted sportscasters, and — oh yeah — had his bare butt slapped with a flyswatter. The whole thing lasted several minutes in all, and it became apparent that someone had hacked broadcast signals, just like they do in the movies.
It was a remarkable joke, but even more remarkable, no one knows who did it or how it was accomplished. Even after multiple investigations, the whole thing remains a mystery. At this point, its likely the pranksters responsible will never been identified, and the exact method of attack will never be known.
Back in 2010, Spain was in the middle of a particularly rough time. Its Socialist Prime Minister Zapatero was not a popular man, an economic crisis had led to mass protests, and parts of the country were again murmuring about independence (a trend that, as you might recall, continued in recent years).
So it wasn’t entirely surprising that a hacker used cross-site scripting to replace Zapatero on the EU presidency site with one Mr. Bean. It was a simple hack, but hilarious — and spot on, since Zapatero had already been compared to the beloved, bumbling television character for many years. The hack, while ridiculous, was also a reminder about how these sorts of attacks are so often inspired by the politics of the moment.
This is one of our favorite hacks — and whether or not it’s a hack depends on whom you ask. Certainly the UK Vogue company leaders weren’t entirely happy about it, but it wasn’t an illegal exploit, either.
In 2013, enterprising computer geeks found that some other enterprising computer geek in charge of the Vogue website and several other UK business sites had included a secret command. If you input the Konami code (the famous secret video code up, up, down, down, left, right, left, right, B, A) then a velociraptor appeared on screen. If you did it again, another dinosaur would pop up.
People quickly found they could input the code over and over to create a whole team of velociraptors posing for the Vogue site. Not only that, but the raptors had a variety of stylish hats and bows they could appear with, making them even more at home.
As the news spread, more and more online users had fun summoning infinite dinosaurs (who wouldn’t?), while others tried to figure out just where the hack had come from. As it turned out, the trick had been authorized as an easter egg — which was then forgotten by the people who developed it.
Let’s shift to the more serious field of counterterrorism — and cupcakes.
Back in the early 2010s, the British intelligence organization MI6 reported successful cyber-warfare on the remnants of Al-Qaeda. The terrorist organization had been trying to publish a new online magazine filled with colorful, detailed instructions on how to make bombs in your kitchen and other, very-not-cool advice.
British agents, however, had managed to infiltrate the download and insert its own code into the instructions. When wannabe terrorists tried to download the zine, instead of bomb instructions they got a bunch of nonsense about cupcake recipes. It was, in fact, content from “The Best Cupcakes in America,” a segment that had aired on the Ellen DeGeneres show. The content included such gems as “self-contained and satisfying, it summons memories of childhood even as it’s updated for today’s sweet-toothed hipsters.”
Hopefully, at least a few people actually tried the recipes instead of making bombs.
Any security expert will be quick to tell you that real hacking doesn’t follow any of the movie tropes, like replacing everyone’s screen with a dancing cartoon. It’s far more lucrative for a hacker to write ransomware instead so they could make money off the crime instead of inserting random animations. Yet some hackers just like to cause chaos, and they are often inspired by old Hollywood ideas. Such a man was Masato Nakatsuji, who in 2010 created an infamous Ika-tako (squid-octopus) virus via the Winny filesharing network.
The malware looked like a common music file, but once it started up it took over any connected hard drives. Instead of sealing away files for money like ransomware, the virus simply replaced them with pictures of squid, octopuses, and sea urchins.
When caught, Nakatsuji claimed he wanted to see if his computer skills had improved since the last time he was arrested for hacking — which, to be fair, is a perfect one-liner.
The year was 2009, and the rebel-with-every-cause internet group Anonymous was enjoying the power to hack unprepared governments and organizations around the world. This coincided with Australia’s government trying to do something about porn. The censorship plans the government created, while born from good intentions, proved ill-conceived and surprisingly ignorant about how both porn and the internet work (find out more details if you really want to know). Naturally, some people got upset.
Anonymous stepped in with Operation Didgeridie and, a year later, Operation Titstorm, two hacking projects that were just as ridiculous as they sounded.
The first was a DDoS attack on the Prime Minister’s website that only took it down for about an hour. The second was a more widespread attack that shut down the Australian Parliament House website and caused problems for the Department of Communication. Both included extravagant demands and, naturally, focused on assailing the Australian government with as much porn as possible.