This article is more than 5 years old

I’ve spoken before about hackers f**king around with road signs to display images claiming everything from zombie outbreaks to Dalek invasions.

But a couple of weeks ago, it seems that the hackers went one step further and attacked an electronic billboard remotely to display an obscene image to motorists and passers-by in the affluent uptown district of Buckhead, Atlanta.

I’ve censored the image of the hacked billboard below, but if you’re curious what the image was (the BBC News report, probably quite rightly, waltzes around the issue) it’s Goatse.

Please please. Do NOT search for Goatse on the web. If you don’t know what Goatse is, consider yourself lucky.

According to one news report, some onlookers were so upset by what they saw that they called the police:

One driver was so disturbed she called 911. “There’s an electronic billboard that is flashing a naked man,” one woman said in the 911 call. “It’s not actually an emergency; it’s just totally disgusting.”

The FBI is said to be investigating the hack, which reportedly also impacted some other electronic billboards owned by Yesco across the United States.

Interestingly, security expert Dan Tentler has recently been sharing on Twitter his dialogs with Yesco regarding the security of their systems and the risks of an attack, claiming that the company was using easy-to-guess passwords.

In the wake of the hack, Tentler claims that signs run by the company remained online and accessible to hackers following the breach.

On Reddit, a group calling itself the Assange Shuffle Collective claimed responsibility for the hack, but there’s no way to verify if that is true or not.

After all, I could create a Reddit userid and claim that the Beryl Reid Appreciation Society was behind recent hacks against healthcare insurers, but it wouldn’t make it true.

Remember folks, don’t use default passwords. Make your passwords unique, hard-to-crack and impossible to guess. Ideally use some form of multi-factor authentication so even if your password is compromised it will be much harder for an unauthorised party to cause any havoc with it.

And if a security researcher contacts you about a vulnerability in your system, take him seriously. After all, who knows who might else have discovered it?

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.