How to lose friends and DDoS people

When the mysterious operator of an internet archiving-service decided to silence a curious Finnish blogger, they didn’t just send a stroppy email - they allegedly weaponised their own CAPTCHA page to launch a DDoS attack, threatened to invent an entirely new genre of AI porn, and tampered with parts of their own archive to smear the blogger's name.

In this episode, we unravel how a website designed to preserve history may have trashed its own credibility - and how Wikipedia responded when trust went out the window.

Plus a ransomware gang shoots itself in the foot with a classic case of buffoonery, accidentally corrupting the very keys victims would need to decrypt their data. When even the criminals can’t unlock your files, what happens next?

All this, a surprisingly zen Pick of the Week, and a gloriously splenetic rant against web forms, on episode 456 of the award-winning "Smashing Security" podcast, with cybersecurity veteran Graham Cluley and special guest Paul Ducklin.

EPISODE LINKS:

• This App Will Detect People Wearing Smart Glasses Near You - Lifehacker.
• Patients listed as dead after major NZ health app MediMap hacked - 1News.
• Why fake AI videos of UK urban decline are taking over social media - BBC News.
• FBI orders domain registrar to reveal who runs mysterious Archive.is site - Ars Technica.
• Archive.today CAPTCHA page executes DDoS; Wikipedia considers banning site - Ars Technica.
• Archive.today is directing a DDOS attack against my blog - Gyrovague.
• Critical buffer overflow bug - in ESXi ransomware - SolCyber.
• Yoga with Adriene - YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Coreview - Download "Total Tenant Takeover", a white paper about the Microsoft 365 Disaster No One Is Ready For.
• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.