You are never too young to hack – and that applies to CyFi, the handle for a 10-year-old hacker who graced DefCon 19 by revealing a zero-day exploit in games which are available on both iOS and Android-powered devices, and independent researchers have stepped forward to confirm this as a new class of vulnerability. CyFi looks like an ordinary 10-year old girl from California, but underneath those dark glasses lie a computing brain not to be trifled with. Her claim to fame lay in the discovery of said flaw sometime in January this year because she “started to get bored” with the pace of farm-style games.
According to CyFi, “It was hard to make progress in the game, because it took so long for things to grow. So I thought, ‘Why don’t I just change the time?’” Most of the games that she discovered carrying the exploit have time-dependent factors. For instance, if it takes 15 hours in real time to plant a particular crop, advancing the phone or tablet’s clock manually actually forced the game to move further than it really was, hence opening up the door to the exploit. She has yet to reveal just which are the affected games – good girl, as she wants to give the vendors a chance to respond – correctly.
If only she found a way to get rid of that mole in Animal Crossing whenever I turn off the game by “accident”, now that would be swell.
Next Story: Archos Arnova 8 G2 tablet arrives at the FCC
- 2014-04-14: Tesla Model S Owners Hack Own Cars, Discover Ubuntu
- 2014-04-01: LinkedIn Email Addresses Exposed Via Browser Plug-In Software
- 2014-03-30: Tesla Vehicles Can Be Hacked To Unlock The Car Remotely
- 2014-03-20: Facebook’s Hack Programming Language Aims To Deliver Faster Coding Process
- 2014-03-12: NSA Dressed Up As Facebook To Infect PCs With Malware
- 2013-03-20: Xbox Live Accounts Of 'High Profile' Microsoft Employees Hacked
- 2011-10-05: Cheap graphics cards help crack passwords
- 2011-08-22: SpyEye hacker toolkit might be cause of cyberattack increase
- 2011-08-12: University of Wisconsin-Milwaukee system hacked, personal information stolen