TinKode

Răzvan Manole Cernăianu, nicknamed "TinKode", is a Romanian computer security consultant and hacker, known for gaining unauthorized access to computer systems of many different organizations, and posting proof of his exploits online. He commonly hacks high-profile websites that have SQL injection vulnerabilities, although unknown methods were used in his most recent attacks. Other aliases included sysgh0st.

Early Life

Răzvan Manole Cernăianu was born on 7 February 1992 in the southern part of Romania. Operating under the nickname TinKode — and occasionally the alias sysgh0st — he has attributed his hacking abilities to extreme curiosity and personal ambition. From an early age he was drawn to well-known websites and powerful brands with broad online or commercial influence.

Hacking Activity

TinKode became widely recognized for gaining unauthorized access to the computer systems of numerous high-profile organizations and posting proof of his exploits online. His primary method involved exploiting SQL injection vulnerabilities, though some of his later attacks employed undisclosed techniques. Among the targets he claimed to have breached were the Royal Navy, whose website was temporarily taken offline; NASA, where he posted screenshots from an FTP server within the Earth Observation System at Goddard Space Flight Center; and the European Space Agency. He also claimed to have identified vulnerabilities in systems belonging to Sun Microsystems, MySQL, Kaspersky Portugal, the US Army, YouTube, and Google.

A notable characteristic of TinKode's activity was a pattern of responsible disclosure: he typically informed webmasters of vulnerabilities before publishing his findings publicly, giving organizations time to address the issues. His attacks were also noted for a recurring association with the numeral seven. Security experts largely refrained from public criticism of TinKode, in part because he did not release full details of breached systems.

Recognition

TinKode received a Google Security Reward in recognition of vulnerabilities he reported to the company. He maintained an active public presence through Twitter, Facebook, and several personal blogs.

Arrest and Release

On 31 January 2012, TinKode was placed under arrest by DIICOT, Romania's anti-organized crime and terrorism authority, on charges that he had temporarily disrupted the information systems of the US Army, the Pentagon, and NASA, allegedly in association with an individual identified as Casi. Following his arrest, a support petition was launched on 8 February 2012, addressed to both DIICOT and the FBI, arguing that TinKode's actions were motivated by curiosity rather than malicious intent and calling for a fair sentence. He was officially released on 27 April 2012, approximately three months after his arrest.