How not to steal $46 million from the US government
Smashing Security12 Maalis

How not to steal $46 million from the US government

A Wikipedia security engineer accidentally wakes a dormant JavaScript worm that hadn't stirred since 2024 - and within minutes, giant woodpecker images are plastered across the internet's favourite encyclopaedia.

Meanwhile, a crypto contractor hired to help the US Marshals manage seized digital assets allegedly decides to help himself to $46 million of it - and then brags about it on a recorded Telegram call.

Plus: Graham champions Asterix, Trisha discovers the fantasy novels of Robin Hobb, and someone called "Lick" ends up in the nick.

All this, and much more, in episode 458 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Tricia Howard.


EPISODE LINKS:




SPONSORS:

  • Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
  • ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.
  • Meter - Network infrastructure for the enterprise. Get a free personalised demo.


SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!


FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.


THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.





Privacy & Opt-Out: https://redcircle.com/privacy

Jaksot(463)

The Epstein Files didn’t hide this hacker very well

The Epstein Files didn’t hide this hacker very well

Supposedly redacted Jeffrey Epstein files can still reveal exactly who they’re talking about - especially when AI, LinkedIn, and a few biographical breadcrumbs do the heavy lifting.Sloppy redaction le...

5 Helmi 36min

The dark web's worst assassins, and Pegasus in the dock

The dark web's worst assassins, and Pegasus in the dock

In episode 452, a London-based YouTuber wins a landmark court case against Saudi Arabia after his phone was hacked with Pegasus spyware — exposing how a single, seemingly harmless text message can tur...

29 Tammi 45min

I hacked the government, and your headphones are next

I hacked the government, and your headphones are next

In episode 451 of "Smashing Security," we meet the cybercriminal who hacked the US Supreme Court, Veterans Affairs, and more - and then helpfully posted screenshots (and even someone’s blood type) on ...

22 Tammi 45min

From Instagram panic to Grok gone wild

From Instagram panic to Grok gone wild

Confusion reigns after claims that data linked to 17.5 million Instagram accounts is up for sale - sparked by a vague post, contradictory statements, and a flood of password reset emails nobody asked ...

15 Tammi 36min

How to scam someone in seven days

How to scam someone in seven days

Romance scammers have apparently discovered astrology... and Taurus is their secret weapon.In episode 449 of "Smashing Security", we take a look inside an actual romance-fraud handbook - complete with...

8 Tammi 1h 1min

The Kindle that got pwned

The Kindle that got pwned

Think your Kindle is harmless? Think again! In this episode, Graham and special guest Danny Palmer unpack a Black Hat Europe talk revealing how a boobytrapped audiobook could exploit the Amazon eBook ...

18 Joulu 202536min

Grok the stalker, the Louvre heist, and Microsoft 365 mayhem

Grok the stalker, the Louvre heist, and Microsoft 365 mayhem

On this week's show we learn that AI really can be a stalker’s best friend, as we explore a strange tale that starts with a manatee-shaped mailbox on a millionaire's lawn and ends with Grok happily do...

11 Joulu 202555min

A hacker doxxes himself, and social engineering-as-a-service

A hacker doxxes himself, and social engineering-as-a-service

A teenage cybercriminal posts a smug screenshot to mock a sextortion scammer... and accidentally hands over the keys to his real-world identity. Meanwhile, we look into the crystal ball for 2026 and c...

4 Joulu 202544min

Suosittua kategoriassa Politiikka ja uutiset

uutiscast
aikalisa
politiikan-puskaradio
ootsa-kuullut-tasta-2
rss-ootsa-kuullut-tasta
tervo-halme
rss-podme-livebox
rss-vaalirankkurit-podcast
rss-asiastudio
otetaan-yhdet
rss-raha-talous-ja-politiikka
the-ulkopolitist
et-sa-noin-voi-sanoo-esittaa
rss-sinivalkoinen-islam
rss-hyvaa-huomenta-bryssel
aihe
rss-polikulaari-pitka-kiekko-ja-muut-ts-podcastit
rss-girls-finish-f1rst
rss-kovin-paikka
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset