GTA V source code has been leaked.
GTA V source code has been leaked.
The full GTA V source code has been leaked The leak contains GTA V source code and stuff from Bully 2 and GTA VI Leaked in a discord server by a random British guy in the 360 modding community known to get sued by Rockstar multiple times
"Now i am expecting a open source version of gta to arrive soon on linux natively . Tired of playing supertuxcart."
Here is the source. Another one.
You're viewing a single thread.
If you're not aware, the hack was performed by Arion Kurtaj, an 18 year old, who has been put in
prisona psych ward in a uk prison. He hacked rockstar at a hotel, where he was left with no computers or phones, only to find that the TV had a chromecast, which he used to buy a phone and a keyboard (presumably by selling his monero).- He hacked into all major uk telcom providers: EE, BT and Orange.
- He hacked into nvidia
This kid deserves a 7-8 digits salary as a pentester, not prison; plenty of pentesting companies would hire him in a heartbeat.
Don't get me wrong, he deserves a long and drawn out lesson on morals, but also a stellar salary where he can do what he's doing for the right side.
EDIT: I have made a mistake in my original comment, which has been pointed out. My bad, he's technically in a psych ward in a uk prison, because he's aggressive and unstable. I still stand by what I said (and what I clarified in the comments below), but I wanted to correct the record
You have to convince him first it is what he wants to do. He seems very fixated on being a cyber criminal at this time and money is unlikely to sway him.
He can learn once he understands the repercussions of his actions. Remember that he's an autistic teenager, he has a lot to learn about life and especially morality.
His career in white hat cybersecurity is shot to fuck. No one will trust him enough after this
Well, considering the UK is not interested in helping him, and you’re probably right, we should perhaps be more concerned with Russia or a similar country picking him up for state sponsored cyberattacks or some shit.
Kid seems to be in it for the chaos and notoriety. That could cause quite a bit of harm in the right state environment.
Mostly true in normal cases. If you’re really talented there is a market for you, always. Idk if he falls in the category, and most cyber criminals have no shot at white hat anything but given his age and his feats I think he might be an exception.
Mostly true in normal cases. If you’re really talented there is a market for you, always.
In this case, that market is the black market. In the regular market, no head of security wants to be responsible for a potential critical breach by hiring such a wild cannon.
His only possible path would have been to show remorse after the attacks. He shot that in the ass, or at least made his job much harder in that respect, by pulling another attack while in police custody.
In the regular market, no head of security wants to be responsible for a potential critical breach by hiring such a wild cannon.
Remember when a company's head of security was fired and prosecuted for ordering a pentest against his own company, which is a normal thing that good heads of security do?
-
running unauthorised pentests does indeed get people fired. Along with getting their managers in hot water for letting their pentesters be loose cannons. And if they're attacking someone else while on company time, the company can be in serious legal trouble too.
-
it is rather customary for heads to roll when critical data is leaked as part of an insider attack, especially when said attack was enabled by negligent practices.
Just incase you've forgotten that randomly attacking people and leaking data is this kid's MO.
-
I think you're vastly underestimating what a big stack of green can do for the morals of an 18 yo.
An 18 yo isn't gonna get fat stacks of green as a pentester.
The suits that decide salaries have different priorities. Like certs that are out of the price range of a teenager and years of professional experience.
Yea, but the nerds that the suits put in charge of security will absolutely recognize this kids skills. The suits don't run the security teams at most corpos. There would be no security that way. Management is pretty hands off with them, at least from my experience working at corpos.
Yea, but the nerds that the suits put in charge of security will absolutely recognize this kids skills.
They will also recognise how much of a potential threat he is.
The suits don’t run the security teams at most corpos.
The suits absolutely do run the security teams. Very indirectly, but they do. The suits are the ones security teams have to persuade to get any sort of funding and they can and will veto a hiring decision like this.
You are correct that in most places, the suits do not usually directly intervene. Usually there is a lead guy in the security team that handles the conversations with the suits.
In a well functioning security unit, there is some trust there but not nearly enough to hire a kid like this. A veto is seen as a politically risky manoeuvre for a suit but it would absolutely be pulled for the prospect of hiring this kid, with some frankly compelling justification that any team lead would find nearly impossible to get around.
I've worked in several corporations in several security teams in the past, some amazing, some god-awful with insane suit meddling.
This kid deserves a 7-8 digits salary as a pentester, not prison; plenty of pentesting companies would hire him in a heartbeat.
I keep hearing this.
Find me any company that will hire someone so unstable and destructive, and I'll show you a company with bad hiring practices.
This is someone you can never count on to do anything they don't want to do. Someone who will destroy things if they don't get their way. Triple letters won't touch him.
Also, let's be clear, a lot of this was social engineering. He didn't do anything impressive, he just did things others wouldn't be brazen enough to do because they didn't want to get caught.
This is someone you can never count on to do anything they don’t want to do. Someone who will destroy things if they don’t get their way. Triple letters won’t touch him.
definitely, but people can change
a lot of this was social engineering
people always have a high and mighty mentality when talking about social engineering, most attacks today use some form of social engineering and have for a long time, if not always.
definitely, but people can change
Sure, but from what I have read that hasn't happened and he doesn't want to change. He straight up said he will continue to hack if released. He has even hacked in custody.
He can change if he gets the right treatment or he has a moment of reflection. It's unreasonable to expect a normal person to be the same person 3 years later and even more unreasonable to expect a mentally unstable person to be the same n years later.
Isn't that exactly what is happening?
It's not the right treatment if it doesn't work, and if it does work, it could still take ages for it to have a good enough effect.
So yes, but also no. Psychology and psychiatry are difficult because they require trial and error.
definitely, but people can change
He did get sent to a psych ward instead of prison with that exact hope. IIRC the biggest issue wasn't just the hacks, but that he was extremely violent and showed no remorse whatsoever as well.
Are you kidding me? Aggressive, unstable and destructive seem to be core tenants for the CEOs of many large scale blue chip firms.
If you want actual penetration defense, you absolutely hire the unstable person. I'm not saying you put him or her in the centre desk on the main floor, let him or her work from an environment where they are most comfortable, and one that supports them best.
If you want window dressing, hire the neat and tidy person, who couldn't actually penetrate an Excel sheet.
Or you hire an intelligent, capable, and professional pen tester. They'll find the same holes that the nutcase will, they'll document them, and they'll do it without breaking things.
Social engineering is a major part of pen-testing and of hacking. It's still impressive despite any carelessness.
This wasn't carelessness. This was a deliberate.
I have a buddy that I grew up with that does penetration testing. Like I live in a city a whole continent away from home, and I run into him here or there, looking like a random smoking a cigarette outside an office tower or whatever. And thats what he's doing, he's on assignment trying to social engineer someone to give him access.
As they say, a chain is only as strong as its weakest link. Why try to hack the door lock when you can exploit people's instincts to let them hold the door for you?
This kid deserves a 7-8 digits salary as a pentester, not prison; plenty of pentesting companies would hire him in a heartbeat.
You're forgetting a vitally important part of being a pentester.
Namely that they need to be trusted not to leak billions of dollars worth of trade secrets.
This kid is a prodigy as a black hat, but he'd be an embarrassment as a pentester.
I agree with you in principle, you are definitely objectively correct, however people can redeem themselves.
To name two:
- Mitnick (RIP) started as a black hat
- Gollumfun started as a twisted criminal
I used to work as a pentester. It's an open secret that like a good chunk of people in the industry are former criminals. But former is kind of the keyword. Not only is he doing crime after being arrested and still under surveillance, but he can't even lie and say he won't do it again. The kid is unhireable, at least not until he can get his compulsions under control.
My GF works with autistic individuals and for a majority of them they simply cannot lie, at least not big lies. He may not even see it as being that wrong (probably does know to some extent that it is wrong), especially with all the (correct) rhetoric that companies are scum bastards obscuring the truth. The kid is indeed unhireable for the time being but he could be helped to understand the morals, ethics and laws surrounding his interests to integrate him into the capitalistic world he finds himself in.
I certainly didn't mean to make any moral judgments about the kid. I'm not even sure that I think it's morally wrong (unwise and legally wrong, no doubt, I just don't think his actions hurt any person and I don't care if an action hurts a corporation). The kid is clearly talented and I hope he gets the treatment he needs. I sure hope he can eventually make a living with his talents and perhaps eventually use his talents towards positive change.
Completely agree, its a waste of useful talents that has through one reason or another has not been influenced in the right direction.
that's exactly my point tho, he needs to understand why what he did was objectively wrong, and needs to understand that actions have consequences, but he's still a teenager, and one with autism at that, there is plenty of time for him to change sides
What did he do that was wrong?
eight months in solitary
Jesus shit
To be fair to those two:
-
Mitnick did much what he did before hacking was even a crime, and almost all of it before offensive cybersecurity was even a viable career option.
-
the damage caused by the entirety of ShadowCrew (4000 odd members) was a drop in the bucket compared to that caused by this single kid
-
neither of them had compulsion issues that would cause them to attempt to hack even while under surveillance.
-
Fuck, didn't know Mitnick died. Just married and with a child on the way, too.
He was arguably at his best at social engineering, too. Don't know if it's a real quote, but I remember reading about him saying it can bypass all your electronics, firewalls included.
How about the good old Danny Trejo?
I'm listening to an interview with Gollumfun as I'm reading this, what are the chances?
Haha I’m glad that he switched sides honestly, but after listening him talk about his childhood in an interview I’m not even surprised that he did what he did
I don't even see how he's a prodigy. He's part of a larger group, and used a lot of social engineering tactics.
Almost all blackhats are part of a group, and even social engineering tactics can require talent to pull off, especially when it is guarding billions of dollars worth of trade secrets.
The dude carried out an attack with a fucking Amazon Fire stick and a phone. While in police custody. That is an insane level of preparation and knowledge of your tools
He’s talented, but the problem is jobs like pen testing require a LOT of trust to work in. So far this guy has said and shown that he intents on staying in cybercrime rather than doing legitimate work.
As it stands, given how he’s acted, I can’t see a single company that would let him pen test their systems or a red team that would take that risk to their reputation.
Not even that he wants to do cyber crime, just that he's unstable and violent, and is absolutely the kind of person who will refuse or even undermine certain tasks if they don't feel like doing them.
I want to bet this dude is a giant asshole. Not sure why people keep making a hero out of him, he sounds like an awful person.
Maybe, I've never met him, but that changes nothing.
Linus Torvalds is a giant asshole and he doesn't know how to talk to people, he's still one of the most important people in tech.
Torvalds isn't an asshole because of a nonexistent moral compass. He just has strong opinions, and he's usually right, anyway.
Absolutely, didn't mean to imply otherwise
He's not a giant asshole, he just doesn't sugar-coat everything he says.
It's sort of a defining trait in people where he is from. If we say something we tend to say it straight. He might be a more extreme example than most, but I had a good friend from the same neighborhood and he was the same.
We grew up a few years later when he had already moved to the US, but we used to sneak smokes in the park right outside where he first made Linux. My friend lived in the same building as he had done, but he was so computer illiterate that he had no idea who Linus was. I did, though, because Linus described that place pretty well in what I believe was his first book.
As far as I recall he actively seeks to commit cybercrimes and even says so himself.
It's not the first young hacker on the spectrum that has urges to hack stuff.
It's a whole different question when someone is conscious he is doing something illegal and actively seeks to do it.
This is not another Aaron Swartz story imo. It's an autistic individual that doesn't hack out of curiosity but in order to damage businesses, and people or benefit himself.
he actively seeks to commit cybercrimes and even says so himself.
In 5-10 years he would change his mind. As of now - kid had no idea about life.
Yea, I mean he's an 18 year old autistic kid. He's going to be a bit slower than his peers to develop adult skills and fit in to society. People in here are talking as if he's unredeemable. He's still just a kid who has some maturing to do.
Unfortunate that society punishes those that can do things that a lot of people don't understand
It’s more unfortunate that someone who is talented uses their skills to cause damage to society. The only thing he deserves is a lesson on morality and ethics.
He’s the type of person that should be removed from society. If that means a prison cell then so be it.
The real criminals in this world are the billionaires, the CEOs, the bankers, the landlords, bosses, and cops who enforce a capitalistic society on all of us and engineer the destruction of our environment and ensure our continued wage slavery and inevitable annihilation.
He deserved (past tense) all that opportunity before he proved his willingness to use it to do damage. Given his dedication to committing crime, I can't imagine who would ever trust him enough to want his talents.
This guy defends criminal. What an idiot.
Please look into penetration testing.
Unless his attitude and stance changes, there’s not a single red team that I could see taking him. You can’t just throw someone who wants to be a criminal into pentesting and think it’ll go well
No disagreements here, but this is all something that can change easily, he just need to understand the repercussions of his actions
Not every black hat, even autistic ones, lack an understanding of their actions. Some know perfectly fucking well what they are doing.
This guy rigged up hardware to pull off a massive attack while in police custody. Bro knew full well by that point what the consequences were, he pulled off another attack in the middle of dealing with said consequences
Please stop saying that morally bankrupt teens deserve a career in security.
They don't. Full stop. I don't give a fuck how talented you are, if I can't trust you then I'm not letting you near my systems. End of story.
Am a professional pentester/red teamer. You hit the nail on the head.
Pentesting is not all about the shit you can hack. A big part of it is presenting a professional face that suits can trust.
That is fundamentally incompatible with compulsively attacking and leaking billions of dollars worth of shit
Am a threat intel guy. It's a pet peeve of mine to study criminals only to find SocMed presenting them as some kind of lovable anti-hero.
Like I get it, the guy's got talent, and he stuck it to the man...
Except what he's actually done is leaked decades of hard work by many talented people that do deserve to see a return on their efforts.
You can point to wages and working conditions but shit like this don't solve those problems
They should have seen those returns by now tbh, as it's for GTA V not VI, but most of the money sent to not the many talented people who made it but the people who paid them a little money (comparatively) upfront to work for them.
I agree with your point otherwise
Just what the "security" industry needs. It's all either talentless hacks, or skilled assholes.
Edit: lol ok, I've only been working near these people for a decade.
If it's malicious, it's not penetration testing. It's just malicious.
I bet you think John Brown deserved to die, don’t you?
This kid deserves a 7-8 digits salary as a pentester, not prison
he is not obedient enough for these corporations as is.
so throw away his talent it is.
Not just prison, life imprisonment under the oversight of medical professionals, until he can be deemed to not be a danger to others.
From a security perspective, what he's done is very impressive. It sounds like he has a lot of troubles, though, and if anything this act has probably pushed the authorities to give him the medical help he probably needed.
He hacked rockstar at a hotel, where he was left with no computers or phones, only to find that the TV had a chromecast, which he used to buy a phone and a keyboard (presumably by selling his monero).
You sure are making a lot of assumptions here and have some very interesting takes. Can you tell me how this would be done without a way to modify the Chromecast?
I have not made any assumptions, this has been shared multiple times in different articles which I did not write. As for the Chromecast, I misremembered, it was an Amazon Firestick.
https://www.wired.com/2005/07/a-hacker-games-the-hotel/
This is from 2005.
Why link an irrelevant article from 2005 about IR?
The only hardware an intruder needs is a laptop running Linux, an infrared transmitter and a USB TV tuner. Laurie said the attack can also be performed using the infrared port built into many laptops.
Don’t get me wrong, he deserves a long and drawn out lesson on morals
Fuck that. His morals are completely correct.
He's essentially the next Kevin Mitnick.
An hero
A true agent of chaos
He's essentially the next Kevin Mitnick.
I agree, this kid would be a great pentester.
He's essentially the next Kevin Mitnick.