S. Korean Freshman Busts into 280,000 E-commerce and Government Accounts

A 20-year-old student allegedly hacked websites across 24 countries, after watching YouTube videos on how to take advantage of software glitches.  

He leaked more than 10,000 passwords on his blog and online hacking forums, allegedly using some of the credentials to snoop into emails and fraudulently charge purchases. He also is accused of accessing the site of a South Korean state institution by using the stolen credentials of a civil servant.

The college freshman, in total, collected information from about 280,000 accounts.

“His main targets were low-security websites such as independently run shopping websites,” Yonhap reports. His tactics included “SQL injection,” a technique in which malicious code is injected into databases, and cross-site scripting, or inserting commands into websites.

The student, who learned how to hack from online videos and websites, wanted to "be recognized by other hackers," police said.