An unskilled hacker who originates nothing but simply steals code, techniques and attack methods from others. Many viruses and worms on the web today are simply patched together from other bits of code that malicious hackers share. 
It's a derogatory term from hacker culture, where "hacker" was originally a term for highly skilled programmers that also subscribed to a do-no-harm hacker ethic or practice "ethical hacking. Substitute terms include skiddie or script bunny, skid, script kitty, and script-running juvenile (SRJ). A common conception is that they're juveniles who lack the ability to write their own hacking programs, and write these programs to try to impress their friends and win renown. The term often means "anonymous mischief makers" and is usually applied to teenagers, college students, who "don't yet have the skill to program computers but like to pretend that they do." They've been described as "low-level malicious hackers" motivated by mischief and revenge.
Script kiddies have the capability of harassing advanced computers and networks. Mass mailer worms can spread through e-mails and can slow down network performance by using up too much bandwidth. Some programs can delete encrypted files. A denial of service attack or DoS can attempt to overwhelm a server.
There are some indications of a trend that skilled virus writers publish their code on the web with detailed descriptions of how they work, and in essence, "leave their viruses lying around for anyone to use." But script kiddies use the code and can possibly cause a "digital plague." The SoBig.F virus and Blaster worm cost U.S. businesses and consumers billions of dollars in lost productivity in the summer of 2003. Courses are offered to teach programmers how to defend against hacker attacks.
Script kiddies are sometimes able to exploit vulnerable systems. Some examples include:
- In 1999, a computer script program was used to discredit a law student named Magnus Eriksson studying at the Lund University in Sweden. Child pornography was uploaded onto his computer from an unidentified location. He was later acquitted of charges in 2004 when it was discovered that his computer had become controlled by the script kiddie program.
- In 2001, a hacker allegedly broke into credit card files and sent Bill Gates Viagra, according to BBC News. The hacker denied being a "script kiddie", and elaborated that the term meant "someone who can't program in any language."
- In 2009, analysts wondered whether hackers from North Korea had deliberately launched a cyber attack against U.S. government and South Korean websites, although there was speculation about who was behind the attacks; but most analysts agreed that the attacks were not perpetrated by "script kitty" level programmers.
Cybersecurity analysts raised doubts on Wednesday that the North Korean state launched recent attacks on U.S. government and South Korean websites, saying industrial spies or pranksters could be the villains... "This is not something that your average 'script kitty' can do.
- Mark Ward. Hi-tech crime: A glossary, BBC News, 2006-10-05. Retrieved on 2010-02-26.
- Levy, Steven, Hackers - Heroes of the Computer Revolution
- Lemos, Robert. Script kiddies: The Net's cybergangs. ZDNet. Retrieved on 2007-04-24.
- Clive Thompson. The Virus Underground, The New York Times: Magazine, February 8, 2004. Retrieved on 2010-02-26.
- Jon Swartz. Tech pros get to know their enemy, USA Today, 2003-09-23. Retrieved on 2010-02-26. “Script kiddie: Low-level malicious hacker, usually motivated by mischief and revenge.”
- Denial of Service Attacks. Carnegie Mellon University. Retrieved on 2008-12-22.
- Offer för porrkupp. Expressen (November 28, 2004).
- The hacker who sent Viagra to Bill Gates, BBC News, 2001-07-12. Retrieved on 2010-02-26. “A lot of crackers don't like what I did. They consider me to be a script kiddie, someone who can't program in any language, because I used an old exploit instead of creating a new one. But I've been programming since I was 11.”
- Reuters. Cyber attacks may not have come from North Korea, Reuters, 2009-07-08. Retrieved on 2010-02-26.