The prankster who hijacked printers and smart TV gizmos to promote YouTube star Pewdiepie has shut down their website, citing "the constant pressure of being afraid of being caught and prosecuted." No sh*t, Sherlock.
While "TheHackerGiraffe" claimed that their antics were an attempt at drawing attention to crap security practices by the owners of networked printers, smart TVs and, latterly, Chromecasts, in reality it was a publicity drive for the most-subscribed-to YouTube channel – and also included fundraising efforts, though his co-hacker later denied it was all about the YouTube spat.
Giraffe hacks printers worldwide to promote God-awful YouTuber. Did we read that one right?READ MORE
Essentially, the miscreants scanned the internet for unsecured printers, Chromecasts, and other devices facing the public internet via people's home routers, and then commandeered the gadgets to display messages warning of the security holes and to subscribe to a YouTube channel popular with da youth.
Take this opportunity to check your router, Chromecast, and printer settings to make sure you're not opening up your devices to the public internet. Back to the cyber-giraffe...
"So, here we are. At the endgame. I'm sorry for leaving so suddenly, and I'm sorry for all of you who expected more tutorials, guides, or anything. I can't do this. It may not look like it, but the constant pressure of being afraid of being caught and prosecuted has been keeping me up and giving me all kinds of fears and panic attacks," posted a person claiming to be TheHackerGiraffe on dump-plain-text-online site Pastebin earlier today.
They added: "I just wanted to inform people of their vulnerable devices while supporting a YouTuber I liked. I never meant any hard [SIC], nor did I ever have any ill intentions. I'm sorry if anything I've done has made you feel under attack or threatened."
A Twitter user also screenshotted what appeared to be a tweet from TheHackerGiraffe, which read: "Someone just had to play the legal card."
The whole thing started because Felix "Pewdiepie" Kjellberg wanted to keep his status as operator of YouTube's most popular channel. With 79.5 million registered accounts on the site following his output, his nearest rival is an Indian channel called T-series, which posts Bollywood videos to 78.6 million subscribers.
It's harmless enough stuff that people in the real world can happily exist without. At least, that was the situation until TheHackerGiraffe and co-conspirator j3ws3r decided to weigh in. The duo set up a website (since deleted) and with what they previously claimed was a $5 Google cloud subscription, they set to work remotely printing out exhortations to subscribe to the Pewdiepie YouTube channel on any internet-facing printer they could access.
They hit thousands of printers around the world by pulling a list of devices visible over port 9100 from "what vulnerable stuff can I muck about with?" search engine Shodan and plugging that into open-source printer hacking utility PRET, which was shown off at Black Hat a couple of years ago.
TheHackerGiraffe's fundraising Patreon page and Twitter account have both been deleted. J3ws3r has woken up to find the whole world pointing and laughing at him for his attempt to deliver more followers to his favourite YouTuber, and he isn't best pleased about that. Yesterday he tweeted this...
Our chromecast and smart TV hack is now complete. Thank you and please, stay say, and most importantly: never leave a port open someone can mess with.https://t.co/H2WOHQNkE8— j3ws3r 🖨 (@j3ws3r) January 3, 2019
Thank you to my partner @HackerGiraffe
... only to begin tweeting again, after an 8-hour break at the time of writing, with this:
I would just like to call on @pewdiepie himself if he is able to shed light on the fact that this was not a full blown “GAIN PEWDIEPIE SUBS” campaign. It was a way for us to show google and printer owners how dangerous it is leaving vulnerable ports open.— j3ws3r 🖨 (@j3ws3r) January 3, 2019
Ken Munro, of infosec outfit Pen Test Partners, told The Register that what HackerGiraffe and j3ws3r were up to may have broken the law, at least in the UK.
"It’s an interesting story and a bit of a shame that it ended this way. @hackergiraffe acknowledged earlier on twitter that what they were doing wasn’t ethical, though clearly felt that the public interest was better served through PewDiePie!" said Munro, over email, who continued: "In hindsight, they’ve realised that it overstepped the mark. As I understand it, the Computer Misuse Act doesn’t take account of intent."
He added that their eyeball-grabbing stunt "may not have had the same impact in the media, nor the same positive result of Google committing to address the issue," concluding: "The law is the law... The Computer Misuse Act isn’t perfect and it can obstruct legitimate security research. It is long overdue a revision, but until that occurs all researchers should ensure they stay the right side of it, however well intended they are."
What are the lessons here? Number 1, don't muck around with stuff you've not got permission to access. Number 2, don't start trying to raise money if you want to stay anonymous (even Patreon carries out ID checks before sending cash). Number 3, drop the hubris. This wasn't so much sailing too close to the Sun as doing a roly-poly into an active volcanic crater. ®