WingNews logo WingNews
top | item 43934930

(no title)

aweiher | 9 months ago

The first sentence is actually:

> Login credentials belonging to an employee at both the Cybersecurity and Infrastructure Security Agency and the Department of Government Efficiency have appeared in multiple public leaks from info-stealer malware

Does not sound like clickbait for me.

discuss

order

InsideOutSanta|9 months ago

The Ars Technica article is a bit confusing, if you click through to the original article, the case they make is much clearer. It's not that his credentials were found on Have I Been Pwned, which is the case for most people through no fault of their own. Instead, it's this:

>But some of the datasets that Schutt is included in are much more concerning than normal data breaches because they're from stealer logs.

Logs from information-stealing malware were leaked multiple times, and if your credentials appear in multiple of those, that's reasonably good evidence that you are doing something wrong.

So I don't think the headline is clickbait, but I do think that the Ars article could be clearer in making its point.

Ukv|9 months ago

"Well-known" email addresses (e.g: gaben@valvesoftware.com, president@whitehouse.gov) also seem to show up in these mentioned stealer logs on https://haveibeenpwned.com/ - which makes me suspect addresses are extracted from keypresses even if just typed in the To field of an email, for instance, and do not necessarily indicate the owner of the email has malware on their machine or has had their account/password compromised.

poincaredisk|9 months ago

>reasonably good evidence that you are doing something wrong.

No need for multiple leaks, just one is enough.

And I wouldn't say "do something wrong", just getting infected with an infostealer. Happens all the time.

trollbridge|9 months ago

At one point I was a contractor for a government department and at another I was at a government sponsored NGO.

My credentials are in the various leaks, like the Adobe one.

“Login credentials belonging to a Department of Defense contractor, who previously had worked at a government-sponsored media outlet, have appeared in multiple public credential leaks.”

cma|9 months ago

Yep, headline doesn't say it is his current computer or anything, just that his computer was infected. It would be clickbait if it said his current computer is actively infected. Less clickbait than now if it said one of his computers appears to have been infected at some point.

krick|9 months ago

Cannot tell if it's sarcasm or not. Obviously everyone who reads the headline assumes it's his current computer, and it had some, uh, consequences. That's why they click. That's what makes it clickbait. Nobody would care otherwise.

(Also, if you are willing to be pointlessly formal, it goes in both directions, since it can be argued that a computer, which belongs to a person, who in the future will become DOGE's software engineer, but hasn't become yet, also formally isn't a "DOGE software engineer’s computer".)