5 of the scariest hacks of 2015

This year we saw several instances of vehicles being vulnerable to hackers. Image Credit: HiltonHead This year we saw several instances of vehicles being vulnerable to hackers. Image Credit: HiltonHead
This year we saw several instances of vehicles being vulnerable to hackers. Image Credit: HiltonHead

Nothing was safe from hackers this year.

From cars and gas stations to phones and hospital equipment, hackers got very creative finding new vulnerabilities to exploit.

And, even worse, they managed to get their hands on more intimate data than in past years.

This year wasn’t just hackers accessing emails, passwords, and social security information, but they also stole new kinds of personal data including fingerprints and pictures.

Here’s a look at the most frightening hacks that happened this year.

1. A billion Android devices were compromised by a vulnerability in the operating system

A nasty Android vulnerability called“Stagefright” went public in July. The exploit would let hackers take over the operating system of any Android phone without the user even knowing.

With almost 1 billion Android devices affected, security researchers were quick to call it one of the biggest smartphone security flaws ever. The vulnerability was discovered by the security company Zimperium, so we don’t know if any hackers ever actually used it.

Google rolled out a patch, but because hardware manufacturers must first implement it before it can go to consumers, there’s a good chance that millions of devices are still exposed.

2. Ashley Madison hack left millions of cheaters exposed

This was not a good year for cheaters.

In July, it was revealed that the infidelity website Ashley Madison was breached and some 32 million users had their email addresses and partial credit card information posted to the internet.

Because the sole purpose of Ashley Madison is to help married people have an affair, just having names exposed was a huge deal.

Ashley Madison, though, claims that since the hack it has actually seen increased growth. Users whose information was exposed, though, haven’t been so lucky.

3. A serious zero-day vulnerability was found in Mac OS X

Even Apple, who is known for having some of the most secure devices, was hit with a major security headache when it was revealed hackers were exploiting a vulnerability called DYLD.

DYLD is known as a “zero-day exploit” because it’s a security hole that the software creator doesn’t even know exists. Once these are discovered by the company, they are usually fixed pretty quickly.

The exploit let hackers install malicious applications on a victim’s computer by taking advantage of a security hole in Apple’s latest error-logging feature in the Mac OS X 10.10.

Apple reportedly worked quickly to fix the bug.

4. Researchers took control of a Corvette’s brakes via text message

A scary vulnerability in cellular-capable car dongles enables hackers to take control over certain functions in cars, including car brakes and the windshield wipers.

The dongle is question is a USB-like device that plug into a vehicle’s on-board diagnostics port under the dashboard. A lot of car owners these days are using dongles to make their cars smarter.

Security researchers used a Corvette to demo how to exploit the vulnerability, but they said that the exploit could work on almost any car with a dongle.

The car dongle the researchers used was one produced by Mobile Devices and distributed by Metromile. Metromile has since disabled the cellular capabilities in its devices.

5. 15 million T-Mobile customers had their data stolen after a third-party breach

In October, T-Mobile revealed that some 15 million customers who applied for T-Mobile services or for device financing between September 1, 2013 to September 16, 2015 had sensitive data stolen.

However, the data wasn’t stolen directly from T-Mobile.

The hackers managed to get the information from servers belonging to Experian, which processes credit checks for T-Mobile.

While no payment or banking information was obtained, hackers did manage to get the names, addresses, Social Security numbers, and identification numbers like those found on a driver license or passport of all those affected.

[BusinessInsider]