Computer Chaos Club is by far the most well-publicized hacker group than other big hitters probably because of its knowledgeable base and solid hacking tools that any hacker may espouse today.
What attacks have they conducted in the past? The coordinated group has pulled off one of the most devastating hacks in history. It’s not easy to think CCC is capable of doing this.
1. Tricked Apple’s iPhone 5s Fingerprint Scanner
The CCC’s biometric hacking team claimed to have successfully tricked the new TouchID security feature on the Apple iPhone 5s. Apple had just released the iPhone 5s with a fingerprint sensor, aiming to strengthen security than before.
Apple’s previous fingerprint technology wasn’t superior to withstand cyber-attacks from notorious invaders. However, Germany’s Computer Chaos Club circumvented fingerprint locking using materials commonly found around our homes.
To beat it, they simply photographed the fingerprint of the device owner with 2400 dpi. Next was to invert the image and laser print it at 1200 dpi. They then poured latex milk into the pattern to make a fingerprint mask and finally breathed on to unlock the phone’s sensor.
“If you had a laser printer, a finger-smudged glass or latex milk, you could bypass the new security feature at ease – that’s according to the CCC hacker group.
The CCC criticizes the use of biometric security systems. Alongside critics, they advise big companies and phone users not to use fingerprints to secure anything. Creating fake fingers is fairly easy if what they say is actually true.
2. Hackers Associated with CCC Infiltrated Germany’s Elections
When the German government thought all was well with its voting computers, hackers, some of them associated with the CCC, proved they could manipulate the elections. They warned that they could tamper with what the voting kits had recorded.
The hackers went further to say, ‘these machines could be reprogrammed to play chess.’ But the voting computers’ developer didn’t take their words seriously.
While everybody thought it was a prank, the CCC hackers got their hands on the computer to prove they could manipulate votes. As a result, the court nullified the use of voting machines. Oh, that was in 2006.
In Germany, CCC pays closer attention to such issues to ensure democracy isn’t hacked. The group organizes monthly talk shows, publications, campaigns and throws occasional parties.
By revealing flaws in the German government, computer systems, and banking, the club made them more resistant to cyberattacks.
3. Attack on CDU Connect (A Mobile Application CDU used)
In May 2021, Christian Democratic Union (CDU), a German’s ruling political party allegedly threatened to take legal action against one of the CCC activists following a security bug report.
The spokesman of the hacking group announced that they wouldn’t cooperate with them any longer, resulting in a dispute between the two parties. The CCC security researcher (Lilith Wittmann) claimed security flaws on CDU connect web API (a mobile app the political party uses to reach out to its followers during the election season).
According to the researcher, the app was vulnerable to being tampered with. And this gave unauthorized persons like her access to the private data of more than 18,500 campaign workers.
Some personal information included email addresses, photos, and their interests. More alarming was the date of birth of 1,300 users.
Wittmann felt honor-bound to report the findings to the CDU’s data protection department. Sadly, CDU changed the goal post and threatened the association with legal prosecution. The CCC criticized the move, terming it as “extremely ungrateful.”
4. BTX-Hack
An early high-profile hack made the Computer Chaos Club a world-famous hacking group in 1984. The club drew the attention of the common man when its founders Steffen Wernéry and Wau Holland discovered a buffer overflow of the Bildschirmtext computer network.
Since the overflow would spit out uuencoded data such as passwords, the hackers managed to debit a staggering amount of money in Hamburg bank in their favor. After the incident, they returned the money back in front of the press.
The bank’s system providers didn’t react to prove this vulnerability was an exaggeration. Instead, they thanked the CCC for making them aware of potential security flaws.
Bundespost responded three days later, saying the system was now safe.
5. Samsung S8 iris recognition
Although the Samsung S8 iris recognition feature helps keep your phone locked, hackers affiliated with the CCC claimed to have unlocked it.
The company believed that patterns on your phone are virtually impossible to fake or replicate. In fact, “the patterns are unique to you, and your content will stay private,” as quoted on their official website.
We all know that Samsung sensors have a high resolution. However, the hackers bypassed the authentication system by photographing the phone’s owner on a glass surface.