Last updated

Răzvan Manole Cernăianu

(1992-02-07) 7 February 1992 (age 31)
Other namesTK, The.Slacker
OccupationCo-Founder & COO of CyberSmartDefence.com
Known forUnauthorized computer access tinkode.com

Răzvan Manole Cernăianu (born 7 February 1992), nicknamed "TinKode", is a Romanian computer security consultant and hacker, known for gaining unauthorized access to computer systems of many different organizations, and posting proof of his exploits online. He commonly hacks high-profile websites that have SQL injection vulnerabilities, although unknown methods were used in his most recent attacks. Other aliases included sysgh0st. [3]


Personal life

TinKode is Romanian and claims to have been born in 1992 in the southern part of the country. [4] [1] He states that his hacking skills are the result of extreme curiosity and ambition. The targets are well known websites [5] and powerful brands with widespread influence, either for the online community or a particular marketplace. His attacks often involve the numeral seven. Tinkode was a fan of social networks, owning both a Twitter account, [6] a Facebook account, [7] as well as many blogs.

Alleged hacking

NASA's Goddard Space Flight Center was one of TinKode's most high-profile targets Goddard aerial.gif
NASA's Goddard Space Flight Center was one of TinKode's most high-profile targets

The Royal Navy's website was temporarily unavailable after TinKode claimed to have hacked it. [4] He has also breached the security of servers at NASA, [5] posting screenshots from an FTP server within NASA's Earth Observation System at Goddard Space Flight Center. He claims to have gained access to computers belonging to the European Space Agency. [8]

Other info

He also claims to have found vulnerabilities in organizations including Sun Microsystems, [9] MySQL, [10] Kaspersky Portugal, [11] the US Army, [12] YouTube, [13] Google, [14] Other websites. [15] TinKode has never been publicly criticized by the security experts, mainly because he didn't disclose full information regarding breached websites. He actually informed the webmasters before posting his results online, giving them time to fix the vulnerability. TinKode also received a Google Security Reward. [14]


On Tuesday, 31 January 2012, TinKode was placed under arrest by the Romanian authority DIICOT[ citation needed ] (Anti organised crime and terrorism institution), under the charge that he temporarily blocked the information systems of the US Army, Pentagon and NASA in association with Casi. TinKode was officially released on 27 April 2012. [16]

Petition and support

Following his arrest, a petition was generated to raise support for Tinkode on Wednesday, 8 February 2012. The petition was aimed at DIICOT and the FBI to give Tinkode a reasonable and fair sentence claiming that the hacker wasn't malicious and was hacking out of curiosity. Further he was released after 3 months.[ citation needed ]

Related Research Articles

Linux malware includes viruses, Trojans, worms and other types of malware that affect the Linux family of operating systems. Linux, Unix and other Unix-like computer operating systems are generally regarded as very well-protected against, but not immune to, computer viruses.

<span class="mw-page-title-main">SQL injection</span> Computer hacking technique

In computing, SQL injection is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution. SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.

Moonlight Maze was a 1999 US government investigation into a massive data breach of classified information. It started in 1996 and affected NASA, the Pentagon, military contractors, civilian academics, the DOE, and numerous other American government agencies. By the end of 1999, the Moonlight Maze task force was composed of forty specialists from law enforcement, military, and government. The investigators claimed that if all the information stolen was printed out and stacked, it would be three times the height of the Washington Monument, which is 555 ft (169 m) tall. The Russian government was blamed for the attacks, although there was initially little hard evidence to back up the US accusations besides a Russian IP address that was traced to the hack. Moonlight Maze represents one of the first widely known cyber espionage campaigns in world history. It was even classified as an Advanced Persistent Threat after two years of constant assault. Although Moonlight Maze was regarded as an isolated attack for many years, unrelated investigations revealed that the threat actor involved in the attack continued to be active and employ similar methods until as recently as 2016.

<span class="mw-page-title-main">Anonymous (hacker group)</span> Decentralized hacktivist group

Anonymous is a decentralized international activist and hacktivist collective and movement primarily known for its various cyberattacks against several governments, government institutions and government agencies, corporations and the Church of Scientology.

<span class="mw-page-title-main">Pwnie Awards</span> Information security awards

The Pwnie Awards recognize both excellence and incompetence in the field of information security. Winners are selected by a committee of security industry professionals from nominations collected from the information security community. Nominees are announced yearly at Summercon, and the awards themselves are presented at the Black Hat Security Conference.

<span class="mw-page-title-main">Kaspersky Lab</span> Russian multinational cybersecurity and anti-virus provider

Kaspersky Lab is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and operated by a holding company in the United Kingdom. It was founded in 1997 by Eugene Kaspersky, Natalya Kaspersky, and Alexey De-Monderik; Eugene Kaspersky is currently the CEO. Kaspersky Lab develops and sells antivirus, internet security, password management, endpoint security, and other cybersecurity products and services.

HostGator is a Houston-based provider of shared, reseller, virtual private server, and dedicated web hosting with an additional presence in Austin, Texas.

The Asprox botnet, also known by its aliases Badsrc and Aseljo, is a botnet mostly involved in phishing scams and performing SQL injections into websites in order to spread malware. It is a highly infectious malware which spreads through an email or through a clone website. It can be used to trace any kind of personal or financial information and activities online.

<span class="mw-page-title-main">Goatse Security</span> Hacker group

Goatse Security (GoatSec) was a loose-knit, nine-person grey hat hacker group that specialized in uncovering security flaws. It was a division of the anti-blogging Internet trolling organization known as the Gay Nigger Association of America (GNAA). The group derives its name from the Goatse.cx shock site, and it chose "Gaping Holes Exposed" as its slogan. The website has been abandoned without an update since May 2014.

The Jester is a self-identified grey hat hacktivist. He claims to be responsible for attacks on WikiLeaks and Islamist websites. He claims to be acting out of American patriotism.

Teamp0ison was a computer security research group consisting of 3 to 5 core members. The group gained notoriety in 2011/2012 for its blackhat hacking activities, which included attacks on the United Nations, NASA, NATO, Facebook, Minecraft Pocket Edition Forums, and several other large corporations and government entities. TeaMp0isoN disbanded in 2012 following the arrests of some of its core members, "TriCk", and "MLT".

The Unknowns is a self-proclaimed ethical hacking group that came to attention in May 2012 after exploiting weaknesses in the security of NASA, CIA, White House, the European Space Agency, Harvard University, Renault, the United States Military Joint Pathology Center, the Royal Thai Navy, and several ministries of defense. The group posted their reasons for these attacks on the sites Anonpaste & Pastebin including a link to a compressed file which contained a lot of files obtained from the US Military sites they breached. The Unknowns claim "... our goal was never to harm anyone, we want to make this whole internet world more secured because, simply, it's not at all and we want to help." The group claims to be ethical in their hacking activities, but nonetheless lifted internal documents from their victims, posting them online. They claim this was because they had reported the security holes to many of their victims, but did not receive a response back from any of them. The whole point was to show that these government-run sites have loopholes in their code and anyone can exploit them. The group used methods like advanced SQL injection to gain access to the victim websites. NASA and the ESA have both confirmed the attack. They claimed that the affected systems were taken offline and have since been patched. At the time this was one of the most wanted hacking groups in Europe and also wanted by the FBI, although they refused to tell if they were investigating the hacks.

UGNazi is a hacker group. The group conducted a series of cyberattacks, including social engineering, data breach, and denial-of-service attacks, on the websites of various organizations in 2012. Two members of UGNazi were arrested in June 2012; one was incarcerated. In December 2018, two members of UGNazi were arrested in connection with a murder in Manila.

<span class="mw-page-title-main">NullCrew</span>

NullCrew was a hacktivist group founded in 2012 that took responsibility for multiple high-profile computer attacks against corporations, educational institutions, and government agencies.

Marcel-Lehel Lazăr, known as Guccifer, is a Romanian hacker responsible for high-level computer security breaches in the U.S. and Romania. Lehel targeted celebrities, Romanian and U.S. government officials, and other prominent persons.

<span class="mw-page-title-main">Mohamed Elnouby</span> Egyptian programmer and information security specialist

Mohamed Abdelbasset Elnouby is an Egyptian programmer and information security specialist, and one of the most famous white hat Arabic hackers.

Lazarus Group is a cybercrime group made up of an unknown number of individuals run by the government of North Korea. While not much is known about the Lazarus Group, researchers have attributed many cyberattacks to them between 2010 and 2021. Originally a criminal group, the group has now been designated as an advanced persistent threat due to intended nature, threat, and wide array of methods used when conducting an operation. Names given by cybersecurity organizations include Hidden Cobra and Zinc.

<span class="mw-page-title-main">Benjamin Kunz Mejri</span>

Benjamin Kunz Mejri is a German IT security specialist and penetration tester. His areas of research include vulnerabilities in computer systems, bug bounties, the security of e-payment payment services and privacy protection. Mejri is known for uncovering new zero-day vulnerabilities and making them transparent to the public.

MLT, real name Matthew Telfer, is a cybersecurity researcher, former grey hat computer hacker and former member of TeaMp0isoN. MLT was arrested in May 2012 in relation to his activities within TeaMp0isoN, a computer-hacking group which claimed responsibility for many high-profile attacks, including website vandalism of the United Nations, Facebook, NATO, BlackBerry, T-Mobile USA and several other large sites in addition to high-profile denial-of-service attacks and leaks of confidential data. After his arrest, he reformed his actions and shifted his focus to activities as a white hat cybersecurity specialist. He was the founder of now-defunct Project Insecurity LTD.

Nulled is an online cracking forum.


  1. 1 2 Albu, Claudia (1 February 2012). "Dezvăluiri incredibile despre hackerul român TinKode! Şi-a luat cu greu Bac-ul, dar a speriat Pentagonul!". libertatea.ro. Retrieved 1 November 2019.
  2. "UPDATE: Hackerul TinKode a fost arestat preventiv. Student din Timișoara suspectat că a spart servere de la NASA și Pentagon, reținut de DIICOT - Ora de Stiri". Archived from the original on 21 October 2014. Retrieved 14 October 2014.
  3. "Razvan Cernaianu". YouTube. Retrieved 14 October 2014.
  4. 1 2 Weaver, Matthew (8 November 2010). "Hacker attacks Royal Navy website". "guardian.co.uk".
  5. 1 2 Leyden, John (18 May 2011). "Serial hacker TinKode rifles through NASA satellite files". "theregister.co.uk".
  6. "Răzvan Cernăianu" . Retrieved 14 October 2014.
  7. "Welcome to Facebook - Log In, Sign Up or Learn More". Facebook. Retrieved 14 October 2014.
  8. Leyden, John (18 April 2011). "Royal Navy hacker claims to have broken into space agency site". "theregister.co.uk".
  9. Constantin, Lucian (28 March 2011). "Vulnerabilities Disclosed on Sun Websites". "softpedia.com".
  10. "MySQL.com Database Hacked via SQL Injection - Softpedia". News.softpedia.com. Retrieved 1 February 2012.
  11. "Kaspersky Lab's Portuguese Website Compromised - Softpedia". News.softpedia.com. 8 December 2009. Retrieved 1 February 2012.
  12. "U.S. Army Website Hacked". Dark Reading. Retrieved 1 February 2012.
  13. "Technology News: Exploits & Vulnerabilities: Hackers Target YouTube With XXX XSS Attacks". Technewsworld.com. Retrieved 1 February 2012.
  14. 1 2 "Google Security Hall of Fame – Company". www.google.com. Archived from the original on 30 May 2011.
  15. "ISR – TinKode's Blog". Isrtinkode.wordpress.com. Retrieved 1 February 2012.
  16. Moscaritolo, Angela. "NASA, Pentagon Hacker TinKode Arrested in Romania". PC Magazine. Ziff Davis, Inc. Retrieved 1 December 2013.