The scariest hacks of 2015

Nothing was safe from hackers this year.

From cars and gas stations to phones and hospital equipment, hackers got very creative finding new vulnerabilities to exploit.

And, even worse, they managed to get their hands on more intimate data than in past years.

This year wasn’t just hackers accessing emails, passwords, and social security information, but they also stole new kinds of personal data including fingerprints and pictures.

Here’s a look at the most frightening hacks that happened this year.

A billion Android devices were compromised by a vulnerability in the operating system.


A nasty Android vulnerability called 'Stagefright' went public in July. The exploit would let hackers take over the operating system of any Android phone without the user even knowing.

With almost 1 billion Android devices affected, security researchers were quick to call it one of the biggest smartphone security flaws ever. The vulnerability was discovered by the security company Zimperium, so we don't know if any hackers ever actually used it.

Google rolled out a patch, but because hardware manufacturers must first implement it before it can go to consumers, there's a good chance that millions of devices are still exposed.

A serious zero-day vulnerability was found in Mac OS X.

Business Insider

Even Apple, who is known for having some of the most secure devices, was hit with a major security headache when it was revealed hackers were exploiting a vulnerability called DYLD.

DYLD is known as a 'zero-day exploit' because it's a security hole that the software creator doesn't even know exists. Once these are discovered by the company, they are usually fixed pretty quickly.

The exploit let hackers install malicious applications on a victim's computer by taking advantage of a security hole in Apple's latest error-logging feature in the Mac OS X 10.10.

Apple reportedly worked quickly to fix the bug.

A hacker cracked GM's OnStar system using a homemade gadget.

The 29-year-old hacker Samy Kamkar built a device that could take over GM cars that have the OnStar system.

Kamkar built the device, which he dubbed the 'OwnStar' system, for about $100.

The gadget enabled Kamkar to do basically everything that an OnStar system does, including locate, unlock, and start the car using the gadget. All he had to do was attach it to the car he wanted to target and it out hijack the system.

A GM spokesperson told Tech Insider it has since fixed the issue by updating their OnStar RemoteLink app.

A hacker built a $30 gadget that can open car locks.

Samy Kamkar

Using parts purchased online for about $30, Kamkar also built a device that can break into just about any car or garage that uses keyless entry.

All a hacker has to do is place the wallet-size device on the targeted car to extract the necessary data to open the unlock the car anytime.

The vulnerability is a well-known flaw that lies in the chips used for the keyless entry system, Kamkar told Tech Insider this summer. At least one chipmaker has implemented a fix for the issue, he said.

Researchers took control of a Corvette's brakes via text message.

Security researchers found vulnerabilities in car dongles can be used to breach vehicles.

A scary vulnerability in cellular-capable car dongles enables hackers to take control over certain functions in cars, including car brakes and the windshield wipers.

The dongle is question is a USB-like device that plug into a vehicle's on-board diagnostics port under the dashboard. A lot of car owners these days are using dongles to make their cars smarter.

Security researchers used a Corvette to demo how to exploit the vulnerability, but they said that the exploit could work on almost any car with a dongle.

The car dongle the researchers used was one produced by Mobile Devices and distributed by Metromile. Metromile has since disabled the cellular capabilities in its devices.

Dell computers were left wide open to hackers.

Lisa Eadicicco

A huge security flaw was found in Dell computers in November.

The vulnerability existed in a security certificate found in new Dell computers shipped since August. The flaw left customers wide open to man-in-the-middle attacks, which are when a hacker discretely alters the communication between two parties without them knowing.

The hackers were able to show users fake versions of websites when they were using a public connection. Any information entered into those fake websites -- like passwords and other sensitive information -- could then be stolen.

Dell has since rolled out multiple ways for users to check if they have been affected and to fix the issue if they are. You can read more about how to check your computer here.

Millions of children had their personal information and pictures stolen.

In November, the Chinese toymaker VTech was breached and millions of parents and their children were affected.

Some 4.9 million parent accounts and 6.7 million kid's profiles were affected.

Stolen information included names, email addresses, encrypted passwords, IP addresses, and other sensitive information. But the most startling revelation was that pictures of children were also taken as part of the breach.

It's worth noting, though, that the hacker who claimed responsibility for the breach said he had no plans to do anything with the data.

Business Insider Emails & Alerts

Site highlights each day to your inbox.

Follow Business Insider Australia on Facebook, Twitter, LinkedIn, and Instagram.