cybersecurity

4132 readers

29 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks

tweedge

238

DOGE software engineer’s computer infected by info-stealing malware (arstechnica.com)

submitted 2 weeks ago by cm0002@lemmy.world to c/cybersecurity

13 comments fedilink hide all child comments

top 13 comments

sorted by: hot top controversial new old

[–] 9point6@lemmy.world 58 points 2 weeks ago (1 children)

You know what, I'm surprised it took this long

[–] thesohoriots@lemmy.world 43 points 2 weeks ago (2 children)

Only took two tries to guess “BigBalls1488”

[–] noctivius@lemm.ee 2 points 2 weeks ago (1 children)

[–] shalafi@lemmy.world 4 points 1 week ago

If you think it's too dumb, Trump already did it.

A security researcher reportedly logged in to President Trump's Twitter account last week by guessing the password—it was "maga2020!"

[–] WolfmanEightySix@piefed.social 2 points 2 weeks ago

That would be such an unfortunate date of birth.

[–] hydroptic@sopuli.xyz 54 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

Before reading the article I wondered whether this was a targeted attack or if he's just inept, but:

According to journalist Micah Lee, user names and passwords for logging in to various accounts belonging to Schutt have been published at least four times since 2023 in logs from stealer malware. Stealer malware typically infects devices through trojanized apps, phishing, or software exploits.

So not only is he inept enough to regularly keep getting infected with info stealer malware (probably from installing / running idiotic shit), he's inept enough that he doesn't seem to have noticed, or if he did notice he certainly didn't learn from it.

Funny how conservatives so often seem to be absolute dogshit at anything they do

[–] Ledericas@lemm.ee 1 points 2 weeks ago

thats why they arnt hired in red states, when tech moves there.

[–] pivot_root@lemmy.world 26 points 2 weeks ago* (last edited 2 weeks ago)

I'm totally sure it was an accident. I'm sure we've all made the mistake of opening Шет_Рцссу.mp4.exe after receiving it as an email attachment from Elmo. /s

Joke aside, that's some pretty impressive incompetence. Not once. Not twice. Multiple times. The guy ran infostealer malware multiple times over the course of multiple years.

[–] hperrin@lemmy.ca 19 points 2 weeks ago

Of course it is. And now all of our social security numbers are probably on the dark web. I mean, AT&T already did that last year, but now they’re on there twice.

[–] UltraMagnus0001@lemmy.world 11 points 2 weeks ago

So all of our info DOGE stole from the govt about us, that was probably on that idiots computer was stolen?

[–] TheButtonJustSpins 11 points 2 weeks ago

I had to read the title three times before I realized this was about the organization and not the crypto. Ugh.

[–] Cyber@feddit.uk 4 points 2 weeks ago

So... breaking this down..his work laptop has malware on and the gov IT system isn't finding it... for ~2 years...?!

[–] webghost0101@sopuli.xyz 0 points 2 weeks ago

Lies.

You cant be infected with malware if malware is already your default system of operation.