back to article Pewdiepie fanboi printer, Chromecast haxxx0r retreats, says they're 'afraid of being caught'

The prankster who hijacked printers and smart TV gizmos to promote YouTube star Pewdiepie has shut down their website, citing "the constant pressure of being afraid of being caught and prosecuted." No sh*t, Sherlock. While "TheHackerGiraffe" claimed that their antics were an attempt at drawing attention to crap security …

  1. JohnFen Silver badge

    What TheHackerGiraffe has accomplished

    Well, TheHackerGiraffe has altered my opinion a bit. Now, rather than simply consider Pewdiepie as just another horrible presence on the internet, I now consider him and his fans to be actively harmful attackers.

    1. veti Silver badge

      Re: What TheHackerGiraffe has accomplished

      Attackers of what, exactly? The otherwise-peaceful and generally bonhomous atmosphere of YouTube? the hardened and professional security practices of people who previously had no idea what "UP&P" even was? the sheer pristine purity of goodwill on the internet?

      Pewdiepie is an arsehole, and TheHackerGiraffe is just some kid. Now hopefully a little wiser.

      1. JohnFen Silver badge

        Re: What TheHackerGiraffe has accomplished

        Attackers of people's Chromecast and printers, of course. Yes, those people should not have left the door open, but that in no way makes TheHackerGiraffe's actions acceptable, any more than it's acceptable to walk into someone else's house just because they left their door unlocked.

        Also, it's clear the TheHackerGiraffe has no actual interest (even misguided) in helping people to secure their shit. His interest was finding and exploiting vulnerable systems in order to advertise Pewdiepie's channel.

        1. Anonymous Coward
          Anonymous Coward

          Re: What TheHackerGiraffe has accomplished

          > His interest was finding and exploiting vulnerable systems in order to advertise Pewdiepie's channel.

          I'm guessing that the guy is worried people might find out he's a Pewdiephile.

        2. veti Silver badge

          Re: What TheHackerGiraffe has accomplished

          If that's the "attack" you meant, I'm having a hard time seeing how it's "actively harmful".

          Seems to me a couple of sheets of paper (and corresponding toner) is a small price to pay for the lesson in security practice. If he wanted to be "actively harmful", he could have done a lot worse.

          1. JohnFen Silver badge

            Re: What TheHackerGiraffe has accomplished

            Using other people's equipment without their permission is actively harmful. That it could have been even more harmful is beside the point.

            "small price to pay for the lesson in security practice."

            And who appointed these jackasses to be the "teachers"? Nobody, that's who. They're black hats and criminals, and they need to be as firmly denounced as any other attackers. Their actions are even more obnoxious because they insist on hiding behind this corrupt idea that they're performing some sort of public service. They're not. I would have more respect for them if they could at least be honest about their actions.

            Pentesting is a great and useful thing, but the thing the differentiates a pentester from an attacker isn't intent. Pentesters act with authorization. Attackers don't.

      2. The Oncoming Scorn
        Mushroom

        Re: What TheHackerGiraffe has accomplished

        Well we found 16 fans of Pewdiepie (From the downvotes last count).

        Old tired & grey haired baby boomer who can't be arsed to google who Pewdiepie thinks he is.

        1. Anonymous Coward
          Anonymous Coward

          Re: What TheHackerGiraffe has accomplished

          It's like RickRolling for da yoof...if you don't know about rick rolling see this video....

          https://m.youtube.com/watch?v=oHg5SJYRHA0

        2. Anonymous Coward
          Anonymous Coward

          Re: What TheHackerGiraffe has accomplished

          "Old tired & grey haired baby boomer who can't be arsed to google who Pewdiepie thinks he is."

          As a parent of children that watch this garbage, I will provide a useful reference to allow you the horror of witnessing this crap yourself.

          - Pewdiepie is basically a youtube trash version of the Kardashians

          - the Kardashians are an American version of Made In Chelsea if Made In Chelsea was more diverse and had a larger gene pool.

          - Made In Chelsea is UK trash TV where rich young people encourage UK television viewers to rise up and overthrow the bourgeoisie. I think...maybe I misunderstood what I saw.

          - turn that crap down and get off the grass!!!!

          Mines the jacket over there. With bitter spilled on it. The twisted one...

    2. goldcd

      Re: What TheHackerGiraffe has accomplished

      I'm late to the party

      But in a world of Jake Pauls - https://www.youtube.com/watch?v=9wO2RIEKMSg

      Think there's something quite nice about the #1 Youtuber recommending books by Japanese authors to 'the youth" - https://www.youtube.com/watch?v=pNar3Dh9zDk

      1. JohnFen Silver badge

        Re: What TheHackerGiraffe has accomplished

        I don't see a huge difference between Pewdiepie and Jake Paul.

        1. goldcd

          Re: What TheHackerGiraffe has accomplished

          Then you've clearly not been watching either of them..

          1. JohnFen Silver badge

            Re: What TheHackerGiraffe has accomplished

            I have seen several videos from both of them, and I find them both to be highly objectionable and roughly comparable. It's true that I don't watch either of them regularly. I'm not a masochist.

    3. RAMChYLD

      Re: What TheHackerGiraffe has accomplished

      > I now consider him and his fans to be actively harmful attackers.

      I've considered him and his fans to be actively harmful attackers ever since he got some randos to carry cards calling for the extermination of Jews a few years ago (remember that?)

    4. Anonymous Coward
      Anonymous Coward

      Re: What TheHackerGiraffe has accomplished

      Some jail-time will sort him out.

    5. Johmon

      Re: What TheHackerGiraffe has accomplished

      His fanbase is pathetic, they go type hateful stuff on Tseries, honestly his channel should just be deleted, cancerous.

      1. Danny 14 Silver badge

        Re: What TheHackerGiraffe has accomplished

        up near us in stranraer people still leave their front doors open with just the vestibule door closed. That doesnt mean people have the right to just waltz in and take the tv because the front door was open.

  2. DarkLordofSurrey

    "a person clamming to be TheHackerGiraffe"

    A giraffe/clam hybrid, tell me more...

    1. Steve K Silver badge

      Hybrid

      Makes sense, his actions were shellfish

      1. Danny 14 Silver badge

        Re: Hybrid

        and were a bunch of filth bottom feeders.

  3. jake Silver badge

    One wonders ...

    ... if these skiddies have enough collective brainpower to use the toilet without making a mess all over the place.

    1. JohnFen Silver badge

      Re: One wonders ...

      Script kiddies are just people who want to be hackers without wanting to actually put the effort in to learning the required skills.

  4. chivo243 Silver badge
    Coat

    Got it

    1. Don't leave unnecessary ports open: easy enough for us in IT. I get their public service message. Maybe if they adopted the "Friends don't let friends drink and drive" approach. Friends don't let friends surf with open ports, or some such frippery, instead of promoting some guy with a weird handle...

    2. These guys are jerks.

    3. My coat, and soapbox

    1. Johmon

      Re: Got it

      How about go get a job instead of hacking printers to support a YouTuber, god this is pathetic

  5. Brewster's Angle Grinder Silver badge

    Is it wonderful when kids get to learn boundaries on the entire public internet in front of the whole world?

    1. Waseem Alkurdi

      The Internet is the world.

      1. JohnFen Silver badge

        Um, no, it's not. It's a subset of the world.

        1. chivo243 Silver badge
          Trollface

          Um, no, it's not. It's a subnet of the world. That's better?

          1. JohnFen Silver badge
  6. Anonymous Coward
    Anonymous Coward

    Congratulations

    Congratulations for figuring it out before joining the crypto lockers, data theft, bricking of routers, spying perverts, and the list goes on.

    Congratulations for getting your head straight before it became a toy in a jail cell.

    Lots of people are very unforgiving with their comments, which I attribute to being jaded by so many hackers that are out to be malicious with no concept of the victims or repercussions. I hope you keep your head out of your arse and have a good life.

  7. Mark 85 Silver badge

    They forgot one small detail....

    The prankster who hijacked printers and smart TV gizmos to promote YouTube star Pewdiepie has shut down their website, citing "the constant pressure of being afraid of being caught and prosecuted."

    They seem to forget that the Internet is forever and that they can be tracked down by the trail they left even it's just by law enforcement going to the registrar for the site. Given what they did, I think they might have a valid fear.

    1. JohnFen Silver badge

      Re: They forgot one small detail....

      "Given what they did, I think they might have a valid fear."

      The rumors (and they're just rumors) that I've been hearing in the security world about this is that an FBI investigation had begun after the printer hacks took place. If true, then this event is just adding more counts to any indictment.

      Also, if the rumors are true, you can bet that the FBI already knows who and where these clowns are.

  8. Anonymous Coward
    Anonymous Coward

    Stranger Danger

    Maybe TheHackerGiraffe misjudged the love people feel for pranks, especially by people you don't know?

    We're taught not to take candy from strangers, so supposedly helpful hacks delivered by unknown persons, kinda falls under the same umbrella.

    Now you've riled up a whole mess of people wanting to "learn" prank you back.

  9. This post has been deleted by its author

    1. Anonymous Coward
      Anonymous Coward

      Huh??? Whut???

      Waseem Alkurdi,

      See Title ^^^

    2. Anonymous Coward
      Anonymous Coward

      @Waseem - Unauthorized use of an IT asset

      is an abuse, no matter your intention. How would you like someone to take your car for a ride just to show you the doors were unlocked and the ignition key on the front seat ? Irrespective of the law, the (only) civilized way to do it is to communicate with the owner and describe him your findings.

      1. Cynic_999 Silver badge

        Re: @Waseem - Unauthorized use of an IT asset

        "

        Irrespective of the law, the (only) civilized way to do it is to communicate with the owner and describe him your findings.

        "

        What would you suggest is the best way to communicate with an unknown person in an unknown location the fact that he has an unsecured printer that anyone can send a print to? Or an insecure video display device?

        1. JohnFen Silver badge

          Re: @Waseem - Unauthorized use of an IT asset

          "What would you suggest is the best way to communicate with an unknown person in an unknown location"

          If you don't know how to contact the owner, then you can't. So just don't. Simples.

    3. JohnFen Silver badge

      "I renamed the printer to "Hacked" and printed a couple pages to the same effect. [...] because I was a good guy"

      But you weren't a "good guy". You were an attacker.

      "But still, one of the two must be dealt away with: protection by password/security/whatever, or protection of computers by law."

      I'm not following you at all. Why shouldn't there be both? Just because I can lock my house up doesn't mean there shouldn't be a law against trespassing.

  10. Anonymous Coward
    Anonymous Coward

    Dumb 'Follower' learns life lesson ....... yet again !!!???

    In a Nutshell, some 'Follower' of a You Tube 'Star' took it upon himself to promote said 'Star' under the guise of highlighting 'unsafe' internet accessible Printers et al.

    The 'Follower' then 'discovered' that the promotion was possibly setting himself up for legal proceedings relating to 'Computer misuse and general hackery'.

    Oops ..... a quick apology was published in the hope that it would divert any incoming legal consequences ..... unfortunately the 'Real world' does not always work that way.

    Lessons learnt:

    1. You Tube is not as important to the 'Real World' as you may think.

    2. The law is blind and does not generally care about ..... 'I was only ...' type excuses.

    3. Surprisingly, Pewdiepie is NOT bigger than the law and will not be sticking his neck out to 'save' idiot 'Followers'. (As if he could !!!)

    4. Staying 'anchored' in the 'Real world' is very useful as it informs you about things such as laws, trespass etc

    1. JohnFen Silver badge

      Re: Dumb 'Follower' learns life lesson ....... yet again !!!???

      "Pewdiepie is NOT bigger than the law and will not be sticking his neck out to 'save' idiot 'Followers'."

      But it would go far to making him look like less of a horrible person if he were to publicly and loudly condemn their actions. His silence on this is deafening.

    2. TRT Silver badge

      Re: Dumb 'Follower' learns life lesson ....... yet again !!!???

      If you're going to stick your neck out, then selecting a moniker containing the word "giraffe" seems appropriate if you're going to make a massive target of yourself.

    3. MonkeyCee Silver badge

      Re: Dumb 'Follower' learns life lesson ....... yet again !!!???

      "The law is blind and does not generally care about ..... 'I was only ...' type excuses.:

      IANAL and all that.

      For some things the law does care quite a lot about intent. The difference between murder and manslaughter, or for the left pondians difference between murder one and murder two as an example. Same applies for consent, if you voluntarily engage in a boxing match then you punching the other chap isn't assault. Punch the same chap out of the ring and it is. Cutting someone's ripcage open then chopping out and replacing parts of their heart is GBH/attempted murder, unless it's being done by a surgeon on a patient that has agreed to the procedure (and the risks involved).

      As noted in the article, the Computer Misuse Act doesn't contain an automatic exemption for intent.

      But thanks to the wonder that is Common law, a judge could choose to exercise their judgement to rule that in a specific case a crime was committed, but that it was part of an action that justified the crime. The example often given is seeing a house on fire with a person trapped in it, then breaking down the door and getting them out. It's breaking and entering, but since the intent was clearly to help someone and not nick their stuff, and the person would probably have wanted you to do so, then it would be highly unlikely you'd be prosecuted.

      Since open ports on home devices are probably not a matter of life and death, I wouldn't expect these guys (I'm assuming they are male...) to have sort of cover from that.

      I'm not familiar enough with code Napoleon systems to say if there is an equivalent, but intent often matters a great deal legally.

  11. Winkypop Silver badge
    Devil

    Kids today eh?

    At least it keeps them off my lawn!

  12. wobbly1

    talk to the manufactures about default port options

    when setting up my shiny new router, the interface made it quite had to drill down to the menu to disable UPNP. UPNP was enabled with no rules The menu was deep in the "advanced" section of the control software , nothing in the basic setup. Blaming users for not checking an apparently obscure setting is the wrong end of the telescope . talk to the manufacturers about ensuring settings that can allow unbidden access to your lan are made easy to make safe and need to changed to be enabled rather than disabled.

    1. JohnFen Silver badge

      Re: talk to the manufactures about default port options

      I agree with this. UPNP is a security nightmare, but it does at least have some use in a LAN. While I argue that it should just be disabled, period, at the bare minimum no router should be opening a UPNP port to the internet at large. Doing so serves no purpose and opens a gaping security hole.

      This is 100% the fault of the manufacturers.

  13. ukgnome Silver badge

    So what you are saying is it's actually 3 wazzocks in this story - got it!

  14. This post has been deleted by its author

  15. Tony W

    Mystified

    As an ordinary user I am completely mystified by this. If I look in forums I find vociferous arguments about whether it's safe for me to leave UPnP enabled on my home network. There is no apparent consensus, just a lot of people shouting "Just turn it off" and others saying it is useful and low risk.

    I am also told that disabling it may break my Chromecast and Chromecast Audio, and possibly Skype which is vital to my family (for work.)

    The router supplied by BTInternet has it enabled by default in the advanced menu. The only comment is "We recommend you keep 'Extended UPnP Security' turned on to make sure your home network is secure." It's on, so that's all OK is it?

    How can I make sense of all this? Please don't say turn it off and see what happens. I already have more than enough things to check if I get an obscure network problem.

    1. Anonymous Coward
      Anonymous Coward

      Re: Mystified

      It's a tradeoff between security and convenience, and people have different opinions on what level of risk is acceptable. It's also difficult to know the real level of risk without someone skilled investigating the details of a specific router model and firmware version. Without such an investigation 'turn it off' is the only safe advice. Last November's 100,000 router botmet used a bug in Broadcom's UPnP software affecting 116 router models from a range of manufacturers, so it's not just a hypothetical risk.

      What UPnP on a router does is inherently a bit risky - it lets programs running inside your network ask the router to change firewall and port forwarding rules. That's fine if it's something you want (Skype Chromecast) but not so good if it's flash malware on a web page opening your computer to the internet. unfortunately UPnP can't tell the difference. To make matters worse some routers have mistakenly made this possible from outside your network as well as inside. I don't know if anyone's tested your BT one or what it's 'security' tickbox does.

      Bugs in UPnP software on the router are another problem, compounded by router manufacturers being notoriously bad at releasing fixes, and router owners rarely applying the fixes when they are released. By 'bug' I mean things like allowing someone on the internet side to run whatever they want on hour router. I don't know if anyone's checked your BT router for such bugs.

      1. Omgwtfbbqtime Silver badge
        Devil

        "I don't know if anyone's checked your BT router for such bugs."

        I'm sure the Black Hats (TM) have.

    2. JohnFen Silver badge

      Re: Mystified

      "I find vociferous arguments about whether it's safe for me to leave UPnP enabled on my home network. "

      Maybe I can help here -- UPNP is a serious security problem, but if you're only allowing it on your LAN and not exposing it to the internet, you're probably OK (as long as your other security measures are reasonable).

      You should never be exposing it to the internet at large, though. Doing so gets you nothing and provides a wide open door to your systems.

      My advice is that you just shouldn't use it. If the convenience of it is irresistible, though, then you should double-check that the UPNP port is not open to the internet.

      1. Ken Hagan Gold badge

        Re: Mystified

        "you should double-check that the UPNP port is not open to the internet."

        What's the easiest safe way for someone to do that?

        1. JohnFen Silver badge

          Re: Mystified

          It's hard to give detailed advice as it depends on your exact router. I would start by searching the web and the manufacturer's website. Between the two, it's very likely that you'll be able to find instructions.

  16. Alah

    What the did is grey at best

    Yes, if you really want to you can put their actions under computer miss-use act but what you are suggesting of "just tell them instead of doing" can also be counted under a computer miss-use act, except this time receiver has an email address and probably more to track you down and sue. And let's be honest, ppl don't like when you tell them they did a shitty job in securing their network. Also these analogies of "it's the same as going into a house and setting it on fire because owner left keys in a door" is such an overreaction. It's more on the lines of them knocking on your door to inform you that keys been left in and you calling the cops because he is "trasspassing" in your property

    1. JohnFen Silver badge

      Re: What the did is grey at best

      " what you are suggesting of "just tell them instead of doing" can also be counted under a computer miss-use act"

      Only if you actually intruded on their system. If you discovered the vulnerability without intruding, then you haven't violated the law. The proper thing to do is to tell them. If they ignore you, what's the problem? You did your part.

      "It's more on the lines of them knocking on your door to inform you that keys been left in and you calling the cops because he is "trasspassing" in your property"

      No, it's not. To go with your analogy, it's more like someone tried to open your door, found it unlocked, and came into your place to leave a note for you saying that you left your door unlocked. In other words, it's wrong and illegal, and the person who lives there is fully justified in pressing charges for trespassing.

      1. Ken Hagan Gold badge

        Re: What the did is grey at best

        "To go with your analogy, it's more like someone tried to open your door, found it unlocked, and came into your place to leave a note for you saying that you left your door unlocked."

        Or did they just post the note through your letter box, in which case I suspect you'd be laughed out of court. Tricky things, analogies. Given the cost of a single sheet of paper and a few micrograms of ink, I think one could reasonably argue that this was a reasonable way of passing an important message using the only available channel.

        1. JohnFen Silver badge

          Re: What the did is grey at best

          "I think one could reasonably argue that this was a reasonable way of passing an important message using the only available channel."

          I don't think that's even remotely a reasonable argument. If there isn't a way of alerting the owner without attacking their systems, then you just don't alert the owner.

          The people who do these things have no right or responsibility to do them, and if they're attacking people's systems to "alert" people, then they're engaging in behavior that is, and should be, illegal. They are vigilantes, not good guys.

          1. Alah

            Re: What the did is grey at best

            "If there isn't a way of alerting the owner without attacking their systems, then you just don't alert the owner."

            So your response is to ignore and hope that they will maybe spot the issue and sort it out before someone with ill intent comes around

            1. jake Silver badge

              Re: What the did is grey at best

              "So your response is to ignore"

              No. My response is that it's not my business to look in the first place. And please note that there is no way to find vulnerabilities accidentally. There is absolutely zero reason for someone to "rattle the doorknobs" on Internet connected devices UNLESS INVITED TO DO SO BY THE OWNER. Anything else is fuckwittery of the first order, at best ... and demonstrating criminal intent to boot.

    2. DCFusor Silver badge

      Re: What the did is grey at best

      Ah, well, setting the house on fire is more of a Mrs-use act.

  17. John Brown (no body) Silver badge

    Youtube channel subscribers

    I get that youtube channel operators like to willy-wave their subscriber numbers, but what benefit is there for me to subscribe to a youtube channel?

    I just bookmark things I like. There are even a couple of youtube channels in my bookmarks. How is "subscribing" to a free channel different from my just clicking my bookmark?

    1. Adrian 4 Silver badge

      Re: Youtube channel subscribers

      I'm not sure if the number of subscriptions affects what google pays out. Perhaps that's a factor.

      However, it's more likely that you'll notice a new upload (because google can remind you) and therefore substantially increase their viewing figures. This in turn affects their income.

      So it's a way to reward your favoured channel operator, if you so wish.

    2. DropBear Silver badge

      Re: Youtube channel subscribers

      I really don't see how "bookmarking" anything can be compared with subscribing to a YouTube channel, which results in any new video uploaded by people you subscribe to appear on a single page you can go to whenever you want to catch up with things. Trying to keep revisiting each and every channel of the several dozen I subscribe to in order to figure out whether they have any new videos I haven't seen yet borders on unfeasibly impractical compared to refreshing one single page occasionally. That's not to say I automatically watch anything that comes up, but this sure serves up anything available in a nice single-page format as a grid of thumbnails, helpfully tagging stuff I've already seen. It also lets me one-click hide anything I have already seen or have no intention of watching. There's just no comparison IMHO.

  18. dogbot

    Subscribe...

    To T-Series, you say? Well, ok then. :)

  19. MrMerrymaker

    'Someone had to play the legal card...'

    Crikey, if you're going to protest your innocence, maybe not include a snivelling acceptance that you broke the law.

  20. Anne-Lise Pasch

    'Someone had to play the legal card...'

    If I found your door unlocked, walked into your house, put PewDiePie grafitti on the wall, and left muttering, "that'll teach you not to lock your door..." I'd expect there to be legal consequences. And I'd expect someone to give me a right Gibbs on the back side of my head for liking PewDiePie.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019