Palo Alto and Menlo Park crosswalks were hacked in April to play fake, satirical messages from Elon Musk and Mark Zuckerberg. Hackers were able to do this because Caltrans just never changed the default factory passwords.

Everyone got a good laugh in April of this year when hackers reprogrammed the audio of Palo Alto and Menlo Park crosswalks to play fake AI-generated voices of Elon Musk and Mark Zuckerberg, in messages that ruthlessly mocked those billionaire boy-kings. “Hi, this is Elon Musk,” one Palo Alto crosswalk said. “Welcome to Palo Alto, the home of Tesla engineering. You know, they say money can’t buy happiness. And, yeah, OK, I guess that’s true; God knows I’ve tried. But it can buy a Cybertruck, and that’s pretty sick, right? Fuck, I'm so alone.”

@bulou.varanisese #FYP #Paloalto #SiliconValley #ElonMusk #Cybertruck ♬ original sound - Frances | Silicon Valley SF

We are now learning there was an additional and quite hilarious fake Elon Musk message at another crosswalk. “You know, it’s funny, I used to think [Trump] was just this dumb sack of shit. But when you get to know him, he’s actually a really sweet and tender and loving,” that fake Musk crosswalk message said. That was followed by a fake Trump voice saying in the background, “Sweetie, come back to bed.”

This information comes to us from the Palo Alto Daily Post, who did a California Public Records Act request to find out if those cities and the crosswalk administrators at Caltrans ever got to the bottom of how the hack happened. It turns out they did get to the bottom of it, and the hack was amazingly simple.

“Caltrans didn’t change the passwords for the crosswalks that the manufacturers set, making them vulnerable to hackers,” the Daily Post reports.

Yes, Caltrans just kept the factory default passwords on these publicly used systems. Additionally, these new crosswalk systems are controlled by Bluetooth, so the hackers likely performed the prank with regular old smartphones. Older crosswalk systems had a central box which would have required physically breaking into.

NBC Bay Area spoke to San Jose State technology professor Ahmad Banafa on the security, or lack thereof, that allowed hackers such easy access to reprogram the crosswalk signals.

“This is not high-tech hacking, This is basically hacking because somebody left the door open,” Banafa told NBC Bay Area. “The weakest link in any cybersecurity system, in any network, is the human.”

Palo Alto residents were more amused than alarmed by the caper.

“I think it's more of a funny prank,” resident Daniel Martin said to that station. “Now if they told people to cross when the [traffic] light was green, then I would say that was a malicious prank.”

So basically, Menlo Park and Palo Alto simply got lucky that the hackers in this case were more practical jokers than bad players hoping to disrupt city infrastructure. But the security screw-up was still galling, and exposed that those pedestrian and traffic systems could be manipulated to deadly ends if more malicious actors were involved.  

Related: Hackers Reprogram Peninsula Crosswalk Signals to Mock Elon Musk and Zuckerberg [SFist]

Images: Left (Bulou Varanisese via TikTok), (Right) GREEN BAY, WISCONSIN - MARCH 30: Billionaire businessman Elon Musk arrives for a town hall wearing a cheesehead hat at the KI Convention Center on March 30, 2025 in Green Bay, Wisconsin. The town hall is being held in front of the state’s high-profile Supreme Court election between Circuit Court Judge Brad Schimel, who has been financially backed by Musk and endorsed by President Donald Trump, and Dane County Circuit Court Judge Susan Crawford. (Photo by Scott Olson/Getty Images)

At least one U.S. company, but probably more, is among several firms that a Santa Clara-based cybersecurity firm says has been infiltrated via some sort of password theft scheme that appears to be targeting the Department of Defense.

The latest international attempt to infiltrate the U.S. Department of Defense appears to have been to some degree successful, and according to KTVU, the password theft scheme targeted at least 370 different companies worldwide. That’s the assessment of Santa Clara-based cybersecurity firm Palo Alto Networks, and KTVU reports that the hackers did breach “nine global organizations across the defense, education, energy, health care and technology sectors.”

The reporting is all quite purposefully vague, and none of the companies who were breached are named. But according to CNN, “at least one of those organizations is in the U.S.”

“As early as Sept. 17 the actor leveraged leased infrastructure in the United States to scan hundreds of vulnerable organizations across the internet,” Palo Alto Networks said in a Sunday statement. “Subsequently, exploitation attempts began on Sept. 22 and likely continued into early October. During that window, the actor successfully compromised at least nine global entities across the technology, defense, healthcare, energy and education industries.”

CNN has more detail, and plain English. “The hackers have stolen passwords from some targeted organizations with a goal of maintaining long-term access to those networks,” CNN reports. “The intruders could then be well placed to intercept sensitive data sent over email or stored on computer systems until they are kicked out of the network.”

The breach targeted companies using something called Zoho ManageEngine servers. If you or your company uses those, well, you’re advised to update that software and look for any signs of a breach.

Related: Tesla Successfully Thwarts Russian Ransomware Attack [SFist]

Image:Mika Baumeister via Unsplash

A hacker and security activist associated with the Anonymous collective is claiming responsibility for an attack on GoDaddy.com's widely used web hosting and doman registration service that darkened a large swath of the Internet today. TechCrunch reports that customers of the service, which many will recognize from their bikini-heavy Superbowl commercial spots, have been experiencing outages with everything from hosted domains to email and phone service.

The hacker behind the takedown goes by the name of Anonymous Own3r. Despite his callsign, he is claiming sole responsibility for the hack which he says is not coming from the nebulous collective itself.

Hello everyone who wanna me to put 99% of the global Internet in #tangodown?

— Anonymous Own3r (@AnonymousOwn3r) September 10, 2012

The hacker vaguely explained that he went after the domain hosting service in order to "test how cyber security is safe" and other reasons he didn't want to discuss on Twitter. GoDaddy, on the other hand, is aware of the problem, but is having a hard enough time keeping up with all the frustrated customers:

So many messages, can't get to you all... Sorry to hear all your frustration. We're working feverishly to resolve as soon as possible.

— Go Daddy (@GoDaddy) September 10, 2012

At the moment GoDaddy.com is up, but many sites hosted with the company are dark. Some service has already been restored.

[TechCrunch]

While j-schoolers at Cal are busy bemoaning the state of the Journalism and perfecting that well-worn journalist look (hint: spiral notepad, unkempt hair, elbow patches, lots of chin scratching), a hacker breached UC Berkeley's School of Journalism server in July. According to the Daily Cal, "500 applicants to the UC Berkeley Graduate School of Journalism were notified [Tuesday] that their Social Security numbers and other private data may have been compromised in a recent campus security breach." This most recent hacking affects "people who applied to the school between September 2007 and May 2009." While, most likely, no one is at real risk of any serious identity damage -- real journalism students have neither a hefty bank nor decent credit -- students were notified weeks after the actual attack. According to Shelton Waggener, the school's "associate vice chancellor for information technology and chief information officer," a delay in notification is typical in these situations. "It just takes time to do the investigation," he said. "Once we were certain of as much info as we could be, we began the notification process and developing the notification strategy."

The Silicon Valley set has been abuzz this week after TechCrunch published private Twitter documents obtained by a hacker. Said secret documents went up on Tuesday and include, according to Baynewser, "everything from growth projections to job applicant resumes to personal credit card numbers" to tales about business-to-celebrity relationships. Needless to say, the docs are way too smart and far too tech-ish for us to understand -- lots of fancy code and ones and zeros, we can only assume -- but Twitter is none too thrilled. Rightfully so. However, the posting of the hacker-cracked documents are protected by the First Amendment, or so says the Citizen Media Law Project. In the end, though, everyone will come out of this relatively unscathed; just a little bit of internet drama to snack on. Nothing to see here. Go back to following @newsomshair.