The 10 most mysterious cyber crimes

Worms, hacks, satellites attacks, DNS spoofs and more unsolved computing crimes


Hacking Your MBA App (March 2006) Waiting on a college or graduate school decision is a nail-biting experience, so when one hacker found out how to break into the automated ApplyYourself application system in 2006, it was only natural that he wanted to share the wealth. Dozens of top business schools, including Harvard and Stanford, saw applicants exploiting the hack in order to track their application statuses. The still-unknown hacker posted the ApplyYourself login process on Business Week's online forums; the information was promptly removed and those who used it were warned by schools that they should expect rejection letters in the mail.

The 26,000 Site Hack Attack (Winter 2008) MSNBC.com was among the largest of the thousands of sites used by a group of unknown hackers earlier this year to redirect traffic to their own JavaScript code hosted by servers known for malware. The malicious code was embedded in areas of the sites where users could not see it, but where hackers could activate it.

Supermarket Security Breach (February 2008) Overshadowed only by a T.J Maxx breach in 2005, the theft of at least 1,800 credit and debit card numbers (and the exposure of about 4.2 million others) at supermarket chains Hannaford and Sweetbay (both owned by the Belgium-based Delhaize Group) in the Northeast United States and Florida remains unsolved more than six months later. Chain reps and security experts are still unclear as to how the criminals gained access to the system; the 2005 T.J.Maxx breach took advantage of a vulnerability in the chain's wireless credit transfer system, but Hannaford and Sweetbay do not use wireless transfers of any sort. Without more information, the difficulty in tracking down those responsible grows exponentially.

Comcast.net Gets a Redirect (May 2008) A devious hack doesn't always mean finding a back door or particularly crafty way into a secure network or server; sometimes it just means that account information was compromised. Such was the case earlier this year when a member of the hacker group Kryogeniks gained unauthorized access to Comcast.net's registrar, Network Solutions. The domain name system (DNS) hack altered Comcast.net's homepage to redirect those attempting to access webmail to the hackers' own page (pictured). Spokespeople for Comcast and Network Solutions are still unclear as to how the hackers got the username and password.