Request a Demo Contact Us

L0pht

L0pht (also referred to as L0pht Heavy Industries) was one of the earliest and most influential hacking groups of the 1990s and one of the early pioneers in “white hat” today, known as “ethical” hacking.

L0pht (also referred to as L0pht Heavy Industries) was one of the earliest and most influential hacking groups of the 1990s and one of the early pioneers in “white hat” today, known as “ethical” hacking. Its members were invited to testify before Congress in 1998 on the dangers and relative insecurity of Government computer and network infrastructure. They alluded to the future threats facing the early Internet. The group testified that “any of us could bring the entire Internet down in 30 minutes.” L0pht gained notoriety as some of the earliest ethical or white hat hackers. Early on, L0pht was in Boston, Massachusetts.

The two key founding members of L0pht were Brian Oblivion and Count Zero. The two shared loft space in Boston. Both experimented with computers and networks. L0pht members ultimately founded L0pht Heavy Industries, a hacker think tank that authored and released various security advisories.

In October 1999, L0pht was written in the New York Times Sunday Magazine. As their notoriety continued to grow, in January 2000, L0pht Heavy Industries merged with the startup @stake. This combined entity was one of the first ethical or “white hat” security companies. Symantec ultimately acquired @stake in 2004.

Other L0pht founding members founded the well-known application security company Veracode. Veracode possessed valuable static binary analysis technology initially developed and built at @stake using ideas from the early days at L0pht.

L0pht has also produced some very cool and handy proprietary tools. L0pht produced L0phtCrack, a password cracker for Windows NT. Since then, the L0phtcrack tool has been released as open source. L0phtcrack is the password cracking/auditing tool initially created by Mudge and the team at L0pht Heavy Industries. Ownership of L0phtcrack passed to @stake, which then was acquired by Symantec. When export regulations changed, Symantec stopped selling the L0phtCrack. Then L0phtCrack was acquired again by the original L0pht team.

Later in April 2020, Terahash purchased the rights to L0phtCrack and started to sell it as a product. As it turned out, Terahash went bankrupt, resulting in the ownership of L0phtCrack reverting to L0pht! Nevertheless, the legacy of L0pht as one of the earliest white hat ethical hacker pioneers remains one of the great stories of the early days of cybersecurity.

 

Want to learn more? Check out our FREE Bugcrowd University to sharpen your hacking skills.

Organizations the world over need your help! Join our researcher community to connect with hundreds of organization programs focused on finding their security vulnerabilities. Our vast directory includes programs for all skill levels across many industries and from around the world.

Get started with Bugcrowd

Hackers aren’t waiting, so why should you? See how Bugcrowd can quickly improve your security posture.